last executing test programs: 24.119988606s ago: executing program 0 (id=1201): openat$vhost_vsock(0xffffffffffffff9c, 0x0, 0x2, 0x0) ioctl$VHOST_SET_MEM_TABLE(0xffffffffffffffff, 0x4008af03, 0x0) prctl$PR_SET_NO_NEW_PRIVS(0x26, 0x1) r0 = openat$vmci(0xffffffffffffff9c, 0x0, 0x2, 0x0) r1 = syz_open_dev$vim2m(&(0x7f00000001c0), 0x0, 0x2) ioctl$vim2m_VIDIOC_DQBUF(r1, 0xc0585611, &(0x7f0000000200)=@overlay={0x0, 0x6, 0x4, 0x0, 0x0, {0x0, 0xea60}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "12848098"}}) syz_emit_vhci(&(0x7f0000000180)=ANY=[@ANYBLOB="04040b144d4827"], 0xe) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000380)=0x5) r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) preadv(r2, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) openat$sysctl(0xffffffffffffff9c, 0x0, 0x1, 0x0) poll(0x0, 0x0, 0x0) r3 = syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0) r4 = syz_open_dev$dri(&(0x7f00000008c0), 0xd21, 0x0) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r4, 0xc04064a0, &(0x7f00000001c0)={0x0, &(0x7f00000000c0)=[0x0], 0x0, 0x0, 0x0, 0x1}) ioctl$DRM_IOCTL_MODE_GETCRTC(r4, 0xc06864a1, &(0x7f0000000440)={0x0, 0x0, r5, 0x0}) ioctl$DRM_IOCTL_MODE_GETFB2(r4, 0xc06864ce, &(0x7f00000004c0)={r6, 0x0, 0x0, 0x0, 0x0, [], [0x0, 0x0, 0xd1b0], [0x0, 0x0, 0x2], [0x0, 0x8000000000000001, 0x0, 0x6]}) pipe2(&(0x7f0000000040), 0x80800) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r3, 0xc02064b2, &(0x7f0000000140)={0x3ff, 0xf, 0xb2}) socket(0x1, 0x803, 0x0) ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r3, 0xc00c642d, &(0x7f0000000080)={0x0, 0x0, 0xffffffffffffffff}) ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r4, 0xc00c642e, &(0x7f0000000300)={0x0, 0x0, r7}) close_range(r0, 0xffffffffffffffff, 0x0) 22.340655042s ago: executing program 0 (id=1204): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x3}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)={0x74, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x3f, 0xe, {{{}, {}, @device_b, @device_b, @from_mac}, 0x0, @random, 0x0, @void, @val, @void, @void, @val={0x6, 0x2}, @void, @void, @void, @void, @void, @void, @val={0x71, 0x7}, @val={0x76, 0x6}}}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}]}, 0x74}}, 0x0) 22.130441305s ago: executing program 0 (id=1208): r0 = getpid() bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000002140)={&(0x7f0000000180)='tlb_flush\x00'}, 0x10) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) process_vm_readv(0x0, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(des3_ede)\x00'}, 0x58) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x40) r2 = syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x101301) ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000000)={'sit0\x00', &(0x7f00000002c0)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x31, 0x4, 0x0, 0x0, 0xc4, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast, @remote, {[@timestamp={0x44, 0x14, 0x12, 0x0, 0x9, [0x80005, 0x0, 0x0, 0x0]}, @timestamp_prespec={0x44, 0x3c, 0xc0, 0x3, 0x0, [{@private=0xa010100}, {@multicast1}, {@dev, 0x65a}, {@broadcast}, {@empty}, {@multicast1}, {@multicast2}]}, @timestamp_prespec={0x44, 0x3c, 0x0, 0x3, 0x8, [{@dev}, {@remote}, {@multicast2}, {@private=0xb010101}, {@rand_addr=0x64010101}, {@empty, 0x52b1}, {@multicast2}]}, @noop, @noop, @noop, @lsrr={0x83, 0xb, 0x0, [@rand_addr=0x64010102, @multicast1]}, @rr={0x7, 0x13, 0x0, [@dev={0xac, 0x14, 0x14, 0x32}, @remote, @multicast1, @remote]}]}}}}}) openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) syz_emit_ethernet(0x32, 0x0, 0x0) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) bpf$ENABLE_STATS(0x20, 0x0, 0x0) r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0x4, &(0x7f0000000140)=ANY=[@ANYBLOB="18020000000000000000000000000000850000009e000600"], 0x0}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r5, 0x0, 0xe, 0x0, &(0x7f0000000100)="e0b9547ed387dbe9abc89b6f5bec", 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48) r6 = socket$nl_xfrm(0x10, 0x3, 0x6) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(r0, 0xe, &(0x7f00000000c0)={0xc}, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x4000000400000bce) r7 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) read$msr(r7, &(0x7f0000019680)=""/102392, 0x18ff8) sendmsg$nl_xfrm(r6, &(0x7f0000000900)={0x0, 0x0, 0x0}, 0x0) ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60) openat$ptp0(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) ioctl$USBDEVFS_FREE_STREAMS(r2, 0x802c550a, &(0x7f0000000000)=ANY=[@ANYBLOB="02002003100007006000000002000020d3"]) 19.609985357s ago: executing program 0 (id=1216): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x0, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0) preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000240), &(0x7f0000000280)=0x5) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f00000008c0), &(0x7f0000000900)=0xc) getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, 0x0, &(0x7f0000000a40)) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010600000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff1b000000020000000900010073797a30000001000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)={{0x14}, [@NFT_MSG_NEWSET={0x3c, 0x12, 0xa, 0x201, 0x0, 0x0, {0x2}, [@NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_KEY_TYPE={0x8}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0xa}]}], {0x14}}, 0x64}}, 0x0) setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f00000000c0)=0x1, 0x4) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce) r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) r4 = getpid() mmap(&(0x7f00002db000/0x2000)=nil, 0x2000, 0x0, 0x4108811, r3, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x4, &(0x7f00000002c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='mm_page_free\x00'}, 0x10) r5 = syz_io_uring_setup(0x4b6, 0x0, &(0x7f0000ff0000), &(0x7f0000000000)) io_uring_register$IORING_REGISTER_BUFFERS(r5, 0x0, &(0x7f0000000040)=[{0x0}, {0x0}], 0x2) sched_setattr(r4, 0x0, 0x0) mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2) r6 = socket$inet6_udp(0xa, 0x2, 0x0) bind$inet6(r6, 0x0, 0x0) socket$pppl2tp(0x18, 0x1, 0x1) syz_emit_ethernet(0x1046, &(0x7f0000000880)=ANY=[@ANYBLOB="0180c2000000ece64fbcee5586dd6902934c10102101fe880000000000000000000000000001fc0000000000000000000000000000014e214e2404f19078c813905606000000a6b61e701ea79c71f39077f4e95bf69cc584aba4ecf7fd9ed5ace20c43010a88b8c32e2cb677387be0e560841fb5809ce6a349301188fd16f10eebcb2080253540a192b1d62243a3269af5cfe35fec9a0a5119aae1e9fb95e02edb0d193830cea9d381ee15a4fdc287fe31dd6592bb9f9d6a6e01d61dc229c29c9f9a8d0cb1f304a1f3a6de81830656c63a9c5d361bed71ca62772be89cf8c5b8f1cd668d5de3ee82cf8ff114a66ed96e9808c24ca0a52ebb11f297c61bf20449c8b347d678dbd182c9f59e71caf8642dbdbbe1928021cbecfb53502ede156b6dcf48ec1f8cf6d1030be6b462cfb1af97f702f68c40b746162066396af4d0825c07e3471ea211fd26843c46c4531d3503de333fa17b65e78315030f076921fefe09b947406b8349ef4989ab83612f291ab3aec97925d3c722a2953b77aa38c25539371e77bd4f68f18c382543b9a7389370c2f7560c478c0288d4951627e25f20f5ff8047de88fe3ebed5822ea43192243ddc44454da43f9596da8ddbbc7d26146e7b9b7e3d555da97c9a537f61ebd4fa379d96989a4acb1e134b1e38ad112faad2b377fc45795b89a32e8e15199f4de9a6add43a8b84257da5ed807400b1d3e29d4df83224c4fba74d75d19f54c158dad2b1c31614c0331565c657ae018171c672bcb5351de79c3ffaca117070c6fe4d8b021c349717289f1ab19133cd0a4f6ffde71b77e6d9ea496a69f54ff4d3f3a0bfe99952dcd76b2f76e85d6c61ac20c95028eb4070fbdfd47b19df5f2eba2b3d01eaddc19e6ce07150084262c8c261c1ac83d0ee9d9e20b27f323ee2f1fcff18e4e8eda7a96e62f84788b5a46991b69a58a7ab1792b2fdab73a77c31881b73d714de5b76e4a30daae3aacd7fcd79de753081de4fcd06686dc14c51c5579c6387988d301b1a23f9a6da8d22509553fac0c6581ebbcedaec5dcfe96d61dbd4ab2579b61363974fcb753485188aaaf9ce28f7c0e605093457a76cba917d3688af05c003e0b3d2c12e69a8249393c8165df77560be750a186227bb4347dab55847ac63d0f3d1238fb2feb625b2ae69357eef1af19079188699f82e0bc637a1a678e777c034bb1c1595fc3c012f1141f91cbc5406bf112dad5a3424145a2864c6d9de8531ba6c623be7da27cc48bd759a27fa86ed0a69b87070eb58056a1214785959c3a30f10a6e4b44019b99c32b3745907fb2b068fb8a795e7358e4c09c29e9494ce9748267d7a3613ae83afe552861a7d905c1ec7f92d9356338e2e2eaff6949123f9fa032294290a03fdc4fcfd19f29dbeb604ee6b831586dfffd1dcf8cee76a82beae2a035add7532640095443bf5a025fafef1ec958e894bb6b3bcbb3c1e0b053c0534aa49c9ed81f9964dfb5d9c1d805c811d092f6aaa04fba3f57e9d1195950bf958c0d5377673da7bf5ebe4031a60dacc394a7e19552d443acb4db61f259def2b1bfe3e033fe5af7fc6e97589163570f2588018bce2720da183d29ad3ef6e171dd3d261c2bffa7bc35ca9d68d4c9a3a67d853ff7ae1a5383db88474e7b2fda322a280e10f8a9de938381d64e75741df1bf6ea902d1fa90f099106a71418f0957ee26724d60bd092fbaeb5e267e5bdbad8b9215c4eb22d8ee2de9f7dc31b676d1ebd34da9fe35f75f1f7f010b84114f4e797a14347a83d41dfb6f8fd32d785ac5eae5dce7b5d0e95a43a6dae683f122dd540dd0005511cae9588b0b812097f8070e295f93f71341836803699b24e8de38bd33a12b78b3ad3beedea5ee434abb1789c4102d64538274c3849795dd7edb4c7c733ac330660e03b57ca970a7cd0733e638815f44edb46cee4c51bdf16e684f5354f55e66ffa762cb64e987a4a1a1624c51aae82650706a0699a3092484f2c8c27ec34897d02425678b4f183f01c8e0b8b6805fd310757e7a6ed036302a48e1c3a291ad93e966421dadf954c5f17759b380b7f8d6a21d8204b8b2263681fafa6ac8fc158fa202abb5f748fc0ec1678263af50837757e754b5778c7784a0872d7d72da4c5f7e9ca8806704a697ce524058d7c56836062d974932a51042e038c3c1755f2b5b1ec5b9e66d9024237d65b5452ba1314b4d4cc93e80fca36a3669e476a10285073006346e577ca2bd64787e6ae67641dba88fed0bc07ddfba2eab09fe31f5789b5440903440730e3e0969bdfcb221122656b60768092bf382f76ce642af9179f3f048e028a21e327e552ecb9a07f1943676990c42713eab6faa69b342df485598661aafb1f07abc5275449854dfd23aafd587e37425db70be3cbe8c7560a825b2b754123345d0c2801f2d0a91a782d59beed152a0a4f68ac82cf0ace1b50c8620077c25cf3e55e12d2803d83790e52815376e487643602db5b277e517a3970eadcaebb2dd0cb607a76ed2b1458b83d2f63e12102a56a57a2ab5b001af01ea9752d706b6b7a3a3e6af5c3816ea33b2cfe8644e709544941e700f2af1475af09c64243b7aa3366d3e69d11855b7b44af0cafe9f25a37f5300c40cb2f1f88f1af0c5afb67b4c8ba3ab4814f495efdb19bb5974ae94471f2706ff50d6bdcbccb28623f1401e82739a4c9b7b0e7b1f9243988d4583b0f3823d432b4c8debff4b236a47d3b277eaf86f71f61ab1e387630cbca91aeade344986583b3dc1c11b9f9302a0ade93d602d96734dc56094c506cfed036714426e9503c230f86e805f9705e9d533519cc79a3c9b3c698f3cfe8c9d32d6907182cf72377a762ff0d6570ad97d08495cd5d3b55b9f3f8ea3209ba7f37a1f13495621ad32f621e0409653d72917bc5c702fce23bb6b7b920f739266fac13970690b6f69d9ea689a56a2dfe6593271fb1ff477de30a2efe7918e9097ee67e44b78e0f22fadf1def10e85c89200aa7f57971f8cb815facf164d0bd9bde750f6f3470fbde19bf68b70d8b60b4f0674ca1f2e8501e7435a7465062be97d0e0dd370ba7e9f7f26f482f55f852c12274ac89379f2087034eaa7a3caf8d2758cff02c7c0be4858c819a0a124b0257cdb9800f9bb1f2ea757c451a4fbbe733ca1b96956a541469c11297abaabb3445670b3ed5c474ce48cd782176fb3f888413b4c606e3f941df645ac45962cc21c46e22598e14033833a3e99ffcab855a629358952802cd0fbaf3619cbee1b188133dda63163358cabf27fc3155eeae24de6acb5068dbf20d4b4be83986c4ee128aeed1ad8b5963849c54af7026c728e33b50e7e79d0338637d7fbf66557dca92237969c22c00e45edb8274550a1a244015c6506d88177c176323230a08f27fc0dc4554a380da9fea351d83b42c397c2e9be1eeed9088fb3d995f5b3699f565d86da0962220eeb5da50cad80d59b5b17497712e23957b92d616b70f8e75a95b377fd6642aec9430d49ec04002e9537048b3f38251cbf8df23e55ae47253852b78b35c2d5aaa96537b4e0e8ac948935cb5587ef0df9611d4acf21cff2cea55bb333bbbb732022d62a8c7d783bc6f789a42518f38b4073cf747d198279d7b19bc3e5393bd6273bcd9cfe922273ef3c82d02f4120e10d55b59411afc4b0bb73df4a8953d081e8582a76bb115feaed17a94d7dc5d1b3bb4a3855aa813fc1270332c9891d3206b7d6a6074b93772b850878685125a1a5bf6c163ff320be5935a147f62b2a74115358b135e5319dadd2bff2ca5308859eba910919588d4c30d5997667a942f080e9e90cf7921a48e5aafb2df6e56531edbdaaffdd8d52fe8c71d41113a95a218249d07745d58756401f34667f716f5e6d45e5c8f0fed5d28f81075b325381a402344b448fe971b022ac3b543c248943a646652804b6dbd56ba1f40e51dd7cc2a791736315caf41c6796899e2e38b0babe4ae0e11e73449728ecebb7af2100b10484fb92ee2bc4ddd41ec3600f0096f2a53cdc7d04291fbbad3e8aefc72690050e3d54929a20e921dc107f7c679bb49030e027fc387d00bd957119e9b5846ffb7a94fb7dcb9fd92b2f9bdf58e8f2ce968496e4b7a1b671bd43199020f9ac2ecbd318e4e8c22272e3c3b8209395ecd7ef7aaf027985fa93b5361a21a12b6930236e4450d942dea3845ead4827aa2cb7b16a612d7f34df9e00ae3d77a4502e7c0164bdcbf0ed95a4a85f2e142812600e50fa03b191ed7807c806df37307433c6b9866affd47c52c711155318ca34e072708d1ac40f1e25df3529b20288db063dfb75a521b2dd11545cbaf6fd0b57d8f06f0c0f5a90d4713bfcf3c23c4d161b9f0359878dfe2b0a8754c5ce13f032de6925ddb412fdd143da1c031c617aeb44c36cad4ea20421e501bc50266456355f059dfe7f4aaf51cbe0ebf0816c32a0134727b063c64278b5e53c749cface0ede87fb3bfe547ffad52252f2d127a33e222ea4cdb05471a633e8f59c7f9c60404acd0fe928ce890a61e7239f47976b1ce9bd59c7d2d98924974a8ea24db36f2ee13af3dea88cb673d41e64ab51e011b0c75ece69311734bad856c985b6b5e00575d021b0c0c3fbf40e440dde00661a434cd42fb452b4f7871f15a5aab6d1f1937cc955742774092cf99f07f6bec9807387d0f36a7617cba1287ec4d014eff96e40481bb910950f30201fd0de8f0800b4a1fa7"], 0x0) ioperm(0x0, 0x1, 0x8) 18.474672291s ago: executing program 0 (id=1224): r0 = creat(&(0x7f0000000380)='./file0\x00', 0x0) r1 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000500)=ANY=[@ANYBLOB="12010000000000406a05f80000040000000109022400010000000009040000010300000009210000000122050009058103"], 0x0) syz_usb_control_io(r1, 0x0, 0x0) syz_usb_control_io$hid(r1, &(0x7f0000000000)={0x24, 0x0, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="002205000000090166193ed41827f280639776ad5c85ffbe12ef883c"], 0x0}, 0x0) r2 = syz_open_dev$loop(&(0x7f0000000280), 0xffffffffffffffff, 0x28141) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.stat\x00', 0x275a, 0x0) ioctl$LOOP_CONFIGURE(r2, 0x4c0a, &(0x7f00000002c0)={r2, 0x0, {0x2a00, 0x80010000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1c, "fee8a2ab78fc179fd1f8a0e91ddaaca7bd64c6a4b4e00d9683dda1af1ea89de2b7fb0a0100000000000000000300", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "90be8b1c551265406c7f306003d8a0f4bd0000000000000000000000000000e5"}}) ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) socket$nl_route(0x10, 0x3, 0x0) memfd_create(&(0x7f0000000040)='cgroup.stat\x00', 0x7) mkdir(&(0x7f0000000400)='./file1\x00', 0x0) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x80) socket$rds(0x15, 0x5, 0x0) bpf$MAP_UPDATE_BATCH(0x1a, 0x0, 0x0) mlock(&(0x7f0000000000/0x800000)=nil, 0x800000) userfaultfd(0x80001) ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x2}) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, 0x0}, 0x0) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f0000000500)=ANY=[], 0x90}}, 0x0) userfaultfd(0x80001) ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, &(0x7f00000000c0)) ioctl$UFFDIO_ZEROPAGE(0xffffffffffffffff, 0xc018aa06, 0x0) r4 = socket$inet6(0xa, 0x6, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000740)={0x18, 0x3c, &(0x7f0000000800)=ANY=[@ANYBLOB="1800000080000000000000000300000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000182b0000", @ANYRES32=r0, @ANYBLOB="0000000007000000185000000a000000000000000000000018120000", @ANYRES32=r4, @ANYBLOB="0000000000000000b703000000000000850000000c000000b700000000000000b7080000000000007b8af8ff00000000b70800000b0200007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="00000000000021b371c49950968f000085e243583f8b180c0ee4663a93a16d70270600528217fe59c6371404fd25885dda0e82b780d586de11bdbfb1b354a12431e5580000eab0d246616bf1be694bae35b8a3ad51866d9dbf808ea56fc0615e75d7f509e32e3b21bf57a229a828a85680237a31b139d18088509a15ffbbdeeed23f4c6c63c0208b992bdaa6e1a85bce21416c0e3f8fa66bc1a93b9e", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000faffffff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000ff0300007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000010000008500000082000000950000000000000018250000", @ANYRES32=r3, @ANYBLOB="000000000400000018310000040000000000000000000000bf91000000000000b7020000000000008500000085000000b7000000000000009500000000000000"], &(0x7f0000000140)='syzkaller\x00', 0x3ff, 0x0, 0x0, 0x40f00, 0x8, '\x00', 0x0, 0x0, r3, 0x8, &(0x7f0000000180)={0xa, 0x4}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x4, &(0x7f0000000240)=[0xffffffffffffffff, r0], &(0x7f0000000440)=[{0x5, 0x2, 0x6, 0x7}, {0x5, 0x2, 0x1, 0x6}, {0x1, 0x5, 0xc, 0xa}, {0x0, 0x4, 0xf, 0x6}], 0x10, 0xbb}, 0x90) bind$inet6(r4, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @empty}, 0x1c) listen(r4, 0xffff8000) r5 = socket$inet_dccp(0x2, 0x6, 0x0) connect$inet(r5, &(0x7f0000e5c000)={0x2, 0x4e20, @loopback=0x7f000002}, 0x10) socket$netlink(0x10, 0x3, 0x0) 14.842723051s ago: executing program 0 (id=1240): r0 = syz_genetlink_get_family_id$l2tp(&(0x7f00000014c0), 0xffffffffffffffff) sendmsg$L2TP_CMD_TUNNEL_GET(0xffffffffffffffff, &(0x7f0000001600)={0x0, 0x0, &(0x7f00000015c0)={&(0x7f0000001500)={0x14, r0, 0x1}, 0x14}}, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x3ff, 0xfff}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0) recvmsg$unix(r2, &(0x7f0000000800)={0x0, 0x0, &(0x7f0000000700)=[{&(0x7f0000000040)=""/27, 0x1b}, {&(0x7f0000000400)=""/170, 0xaa}, {&(0x7f00000004c0)=""/129, 0x81}, {0x0}, {&(0x7f0000000600)=""/193, 0xc1}], 0x5, &(0x7f00000007c0)=[@cred={{0x1c}}], 0x20}, 0x46cef15b77d5ff31) r4 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$VT_RESIZEX(r4, 0x560a, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, 0x1}) socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, 0x0}, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x0, &(0x7f0000000880)={0x2, &(0x7f0000000840)=[{0x40, 0x0, 0x40, 0x3f}, {0x0, 0x7}]}) socket$nl_audit(0x10, 0x3, 0x9) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0xfffffffffffffed1) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x9, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000000000000611224000000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xd}, 0x90) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x1ff) syz_emit_ethernet(0x6c, &(0x7f00000008c0)=ANY=[@ANYBLOB="ffffffffffffa7aaaaaaaa0008004503005e00000000002f907800000000e0000001248022eb0002000000007f1af28904974675b32686dd080088be0000000010070000d41315118dc7caedee2014c233fdca8f0100000000000000080022eb000000002000000002000000000000000085453a0d0065580000000009b2482d729f0c771126d9ec449fd2e9884c4a4d92303b1a17f8c1156dd44a07cc19015d71d033c05bd917a5bcaf40391c37853456f3204ed501bbe483b18fa425782de0c62a9e067ab202002b503395afddd0d61c85395e2ead995e7ce8110d4bf20e90a536af84bf2012742a99c343801bfb3487b4c53f"], 0x0) 11.821054338s ago: executing program 4 (id=1248): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xa, 0x5, 0x2, 0x7, 0x2081, 0x1}, 0x48) memfd_create(&(0x7f0000000140)='y\x105\xfb\xf7u\x83%:r\xc2\xb9x\xa4q\xc1\xea_\x8cZ7\xe7a\x9b\x11x\x0e\xa1\xcf\x1a\x98S7\xc9\x00\x00\x00\x00\x00\x00\a\x00\x00\x00\x00\x00\x00\x04\x879\xa24\xa9am\xde\xb2\xd3\xcbZJoa\xc4\x1acB\xaa\xc1\xfb Q\xd4\xf4\x01\xa52\xe2DG\xd4\xbd{\x9f\xa9\x97\x9b@\xdb\x00b\xe1br\xb6\xea7\xe3\x10\xff\xc2\x9d\r2\x9e\x8e\x04sW\x1b\xb7\xb3\xa2\xc9&@\xca\xda\xdc\xe2/\x97X\xac\b\xb0\xc2<\x80E\x1a\xbc\xc7W\xda9VsA\xaf\xc6\xcf\xe1\xa1\xb5M\xa2\x85\xa6y\xc4J\xf1\xf7\xfcD\x95\xe3\xeb\xc7\xbc\x91\xb0\xa8\x9eo\xebF(\x9dL\x01vRk\xaacB\x04\xa7I\v\x86EZ\x96\xd5\x14OD\\\xe8R\xe4\xcd\xec\xcc\xd1\x0fre\xe86\xcd\xeb\xc4$\x98\x06J\xd6dD\x8d_U`ji{\xab\x97\xaf;l\x1f\xaf\xb38U\xcb\xfa\xb3j\x92\f\x81\xa0\xa2-g\b\x99\x0e\x8d\x8d\x16\xd9w\\\xf8\xce\xb0j\x9d\'\x93\xef\x1d\xa0H\xcd\xbd\xd9\xaf\x12$\x8d\x16%\x8b\x00', 0x0) r1 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000200)=ANY=[@ANYBLOB="12010100000000105801000100000000000109022400010000002009040000010300000009210000000122dc01090589"], 0x0) syz_emit_ethernet(0x46, &(0x7f0000000080)={@local, @link_local, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "00cd04", 0x10, 0x3a, 0x0, @remote, @mcast2, {[], @ndisc_ra}}}}}, 0x0) r2 = socket(0x2000000000000021, 0x2, 0x10000000000002) connect$rxrpc(r2, &(0x7f0000000140)=@in4={0x21, 0x4, 0x2, 0x10, {0x2, 0x4e24, @multicast2}}, 0x24) sendmmsg(r2, &(0x7f0000000d80)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000100)=[{0x18, 0x110, 0x1, '$'}], 0x18, 0xe000}, 0x5}, {{&(0x7f0000000280)=@hci={0x1f, 0x4, 0x2}, 0x80, &(0x7f0000000440)=[{&(0x7f0000000300)="25cf7324af640e3ed174361301a0fb598232777902d724cb8eda12da3c2eb1394e76", 0x22}, {&(0x7f0000000340)="5ef2722006e02bb4986169a630f236e9dec6413b181ad0523386b42e563664fdf61cf239d12f91d77357e4181ce34833eac9609ed920e77b6ced76f5a55209e050dc747cdf46e6924f04e5adc96c251d494ddddecc9300706c1d772caf4c9a401860fc2a6aacbcb609109cce1f140adee3754e7d7924d3f2a3ef627b216508bde7e747c350ced2b117c0e998ebd4340d3d687f20f58d761f85b2a57d70c788050cff4b4215f9134a10c6ae4495fd9da478b3714ef326c43ea924a1226f25848810c1feb3416b2685eca93445487d", 0xce}], 0x2, &(0x7f0000000480)=[{0x60, 0x0, 0x7, "5edf670516d4771f1756c5dd625fc8419be33591c68cb160cefa688182762fcb482be3bad48d1f3d2f429a0bda2db46f65ea48f1bc6439b12f603b75e6653ccea1f281fade0a4c60b6dd8d8d"}, {0x40, 0x113, 0x100, "e4834714a51468c846409822d3e019c1ba77c9102356610d9ade8f0000c800000043000000000000000000"}], 0xa0}}, {{&(0x7f0000000540)=@hci={0x1f, 0xffffffffffffffff, 0x1}, 0x80, &(0x7f0000000b80)=[{&(0x7f00000005c0)="67e6de0ab6dea771d6694956029a184ab026dd5254c774a66e853d4139f6132f5b396d706b3c9c39cea4d2143a9c2fb3b617b8f0c1ceeee99d40a80cfc66c9128dacfa2dd20dee3174d9c11d872a1a5ca07470e8ea583e32cd27d68b3cf8e2210aba007334a6bef1ae34e64421fda7160977a3e309f4a04f74b3a93b6a9ab319174d833f5f25401f27498e21fa6803fe1b02ff43d3311e86ee4aa7e8bbcc1f70cdc50c6985aab03e155c7195818082aeea6d3b90d8cf0e3c018e9558b4d306285a78634647adc5002bdc0fccc781c6", 0xcf}, {&(0x7f00000006c0)="1beb32bf5d29588a3fbf4270469f6ff3d395b4f7c244a4d847eaadeefbc2fd51ba5e29000775f761c555efeb167ba9dc19267bcbaba377aa65b2c722d6520838156fe229358b8af34d918aed6379e88a47c4cdc0b5ea9b14d7472289d288ab3a7f5303ba4181e79810f73183ea0c9282aab9602eeb65154d8c424d14c7c63cf759b7e4db1d8bff93edccfb6ba069d91a9844da8e48a1adef8ddf4824e02ae4", 0x9f}, {&(0x7f0000000e40)="244c67a88999081b515e662636ff051a028ea646cce47a31407699fe5c2d46978970ecee63bd472bc6731b754d0e29c4817d56c0a85e6f2c71cc8d1d230e3133ee7253e4845ed993a68766fd08197633941fc45a9ae0f59b6e884a2640a43d40a8a776079b0f12a1935333279706079d6da9ef2871836dfa93cf8f83ceb18dde6fe1ac32a98f2139a71127adf25d8d30448f3cd617eae2c033f93776328669a78c58d2b74020c28369505c0137e06935d1b2fe8d54d033e5b45ecd7d3aa30111d5d81717f836f2675072661d62deb0e7fa0f942a0bd57c3f94b8be368c9b00173c281e58332f1a421f97914ef4c0cf8f81aad6903649c3427237351f24d0e6d3a182dee3114d00acac22a1a8a6e8af44b5129854cd5a98c0903bdd53183abba52234e91180997f9691e26d4b280b13ef8663fded47cbed7c757d14bb07f80e2078d1b3d2e3bf69f38e5ad664079cd6b8c12328a6b1f6cddaebef1039c921db33b39c69d47afeaf4b8b5c80c2ce4c74ce8b36ef1e4fc66da86389b7df5f2327c737c99c86c5504f242f6c3ecffe9b2d8fe3ab8daea7ecfd5c41a0ba02dd8e6a6cc2174217b2783875e32f9a9efcc8f34ea49632074ee01d3af9fbb40538e605f50878ec3785fd9cf48fe8ff5bfae86f49e0fa75aca1e3e5e784b08ed99d6083fccca1ad1ec6a4d22d2b4a3f5f5f5aeb18a56c35df2a412d", 0x1f7}, {&(0x7f0000000880)="069d1d476bf1ae0be8ab43dd4f773f946417b8fdade32eac1b020f958c18f78d0302c63675b55090b76ced874f34b726eb30c6d55c52cbf4e8867a978bda7324b6c3ca8d0ec185364c5cae43b780121c3e", 0x51}, {&(0x7f0000000900)="ab565b19a477a160c825dace56e1d0bce9bef7131dc0af24e77ee9ac2453ed98d8238266daad63", 0x27}, {&(0x7f0000000940)="a3fb904d9d7075acfc7f28356e380d441c603522a26173c3ef9c66e9c69d5029310d0997524f299649dbce8c2fde72196b28c6b23f5d49da1a13891f1fc28e1b24a2b929c0121a2eee66ff52cb3d64ad429793392291ee95ccb1545258fe9450ec8a052f1968a152cb9c", 0x6a}, {&(0x7f00000009c0)="5617948f7556fafd3c710d39b508971dbcef4020a0554c35636f1d3dd9e7028404d3195b8d085ee79a8a250e260f88f3efe9fa16dedbd4ffec67c28be439ca18d6e742d974ddca8d9edad77b39aec239d0cbfe325250a7e4ff76e3a5cfaf4f436cce5d54dfc6a18ca49ee9a84ff5d3568e9113b83e8b5fd0c51f040d3ff4c203a0f3b6f2d539f64aa9d68202d2a265615c13745d32d0047dd2f261f6a6b24155ec9c2186f45af774d46f7bc6ff0ece7b3b1d88755dd6cf20fe8fba5b780d53d72a5a9855f880240c9f5e525acb58254cd73ce245dcf453d0636b7b", 0xdb}, {&(0x7f0000000ac0)="dd04a32068aeca292027c82b90628385c3ac651e5a48b120de6062422bd67558ca59f30da7f180de3857b06ea9ef3846e5574dda848e2345e67ecbedfeeca896b5c9c64b1179c8b17df927c1fd4e816923d89beeb6d98e863fd41921f3cd9b7ee1403310ab7d802f38d537ccd1f75d9638576ca71b278dd2ab48c741dce85012c5d93206be", 0x85}], 0x8, &(0x7f0000000c00)=[{0xd8, 0x117, 0x0, "97726c7a9b4bb750988c4a2c869f6c13ebf2a9cbb5ec6e8e7ce02114a2cb40b6f8e8dda659e9ef47db61436f0e21d71c8847443b328e2440e024be5605673777a1484a643d756c13b2c35e42aff0861301b00fff06675ff7cc54ead3fff0aeb3a0503566abd950e0f65d5566778b08493355268f6a30e2eba887ede1e8b6e8e01d0ec3643f18c7909c7528108ab8f4fcbaa93aba7ed3c23fd42631c83d5e1e68aa1d3fb4fa1730888046b785bec475c3ca6645ac54d68543c8a6081276c8b67758e2"}, {0x78, 0x3a, 0x2, "4ed334603c48314d6dc8a8d1c3afeea522edd7e0d583fd3682b048a07789986ded8b728f6e0036907e88d0e8b9d57a91f1e82f81c972275ebbd0fa1935651b00b1a263c095b1cdf982f93252dabe9b703c0f925cfce50887a789ec5bf53f6b064e6de317"}], 0x150}}], 0x3, 0xfffe) syz_usb_control_io$hid(r1, 0x0, 0x0) openat$cgroup_int(0xffffffffffffffff, &(0x7f0000000040)='cpu.idle\x00', 0x2, 0x0) syz_usb_connect$printer(0x0, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="12011003000012002505a8a4f0"], 0x0) syz_usb_control_io(r1, &(0x7f00000000c0)={0x2c, &(0x7f0000000000)=ANY=[], 0x0, 0x0, 0x0, 0x0}, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0xfffffffffffffe8b, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xa, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r3, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r4, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50) 8.800967474s ago: executing program 4 (id=1256): r0 = socket(0x0, 0x1, 0x0) close(r0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000020c0)}, &(0x7f0000002100)=0x10) getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x72, 0x0, &(0x7f0000003c00)) mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x300000b, 0x4031, 0xffffffffffffffff, 0x0) syz_emit_ethernet(0x313, &(0x7f00000020c0)={@random="b3ae0d9fff6a", @random="caf66222e6aa", @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "430093", 0x2dd, 0x3a, 0xff, @dev, @mcast2, {[], @ndisc_ra={0x86, 0x0, 0x0, 0x0, 0x0, 0xa00, 0x0, 0x0, [{0x0, 0xa, "a78ce5400659808000ffffc0fe4023493b87aafaffffffffffffff2373247202fa45ad96579269748e254c1e4a8a8b3f0ab0c430d3be27df3e34066d42ca0a5c15b37adac15084dbaf736b41e5af1802"}, {0x0, 0x1, "00000000000000000800ee00"}, {0x0, 0x18, "fe906d26efe39393fe08f73eabc5977b1190a3a6ad8338f1511cdd10c35d8f6de79fc7fd175f75649fa368a32c829af02d7f44d92324a7051e460a13ddde25a5b85b9d930914625d8a049b4cf0d129806a610ad8477a2499a9a0527f75b655a6653d0363a979acf93f88eea07d68423e90280409de1657275f716a2bf2915d1783e8eb477b0d1170f0ecbdef4c23a5026e9ab3d2fbe4b34438d2a77577edd0ebed9682b851b380ae0cab282af9d7ebe668177704c5fd4698c934de4731f3f61effc978"}, {0x0, 0x1d, "06aa85616177c61bc943afcb84619755403946b0730a18d5c38cf7dcad830f2dc8674b87ba8b58f81ece27975cc39e595e9af90b4fe92a38d25551c2d9ebfc5dfc5a2a501b7e483de3f808895c5f4a1a2367bc591dd8b094822ff0822a18b79f7c5eba31fb68b2d734a6671e27182aee4df24a4a5c6186c0d3baa75af390dab23b500b0c0272479611e4f7f4299ec4d926d443367b105185e6ecd9602ba95392343e9bbd047ef6bc1ba42399907ccd0a562db212baa39eb8164e240069f656d3a05fecf894222a141123f5acaa556b9f30dcab2b90aa235a670670ffc5dc49dfb58d89310000000000"}, {0x0, 0xb, "d47ae6e8805d4809c20547406b18901b0aeff04c0300f3c75dc2d227a83b89483b1084743475671545e65eb2e9ac946a3f0e2bc4619f91394c02bcfbbb7d71138537d68e2d2c6393a9f3becd1a9f51a948b5b303f4f018"}, {0x21, 0x7, "fcf98a102ec1876d4e6fa3b20519bbaa8a029cee00b8d3485e4163ed09bdb581c9fe68a356f542b043059ff05932e740e077e1d16212fb"}, {}, {0x0, 0x5, "d517fb2cf1a4ffdc1b7e018dff16e70b8b14c4b7a94fe18e88605aa6be1a02a326a6bce65e81ed"}]}}}}}}, 0x0) 8.713101724s ago: executing program 3 (id=1257): openat$vmci(0xffffffffffffff9c, 0x0, 0x2, 0x0) mkdirat(0xffffffffffffffff, &(0x7f0000000100)='./file0\x00', 0x8) pipe2$9p(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15) r2 = dup(r1) write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18) write$FUSE_DIRENTPLUS(r2, &(0x7f0000000600)=ANY=[@ANYRES32=0x0, @ANYBLOB="840e8b6f2f57455a71fa2aab7030a9f9bc3c693e63445272d1a3366fabea2ddc243add1e9d57f782d1eff6"], 0xb0) getresuid(&(0x7f0000000440)=0x0, &(0x7f0000000480), &(0x7f00000004c0)=0x0) mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x9000, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRES16, @ANYBLOB=',privport,access=', @ANYRESDEC=r4]) socket$kcm(0x10, 0x2, 0x4) fstat(r2, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0}) setreuid(0x0, r5) mount$fuseblk(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0) syz_emit_vhci(&(0x7f0000000540)=ANY=[@ANYBLOB="043e1f0a"], 0x22) r6 = openat$vimc0(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$VIDIOC_REQBUFS(r6, 0xc0145608, &(0x7f0000000140)={0x4, 0x2, 0x4}) syz_emit_vhci(&(0x7f0000000080)=ANY=[@ANYBLOB="0405"], 0x7) socket(0x0, 0x0, 0xd2) syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="09c9000500150300"], 0x17) r7 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x60200, 0x0) ioctl$IOMMU_IOAS_ALLOC(r7, 0x3b81, &(0x7f0000000080)={0x19, 0x0, 0x0}) r9 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$IOMMU_IOAS_ALLOC(r9, 0x3b81, &(0x7f0000000200)={0x15, 0x0, 0x0}) ioctl$IOMMU_IOAS_MAP$PAGES(r7, 0x3b85, &(0x7f00000000c0)={0x28, 0x7, r10, 0x0, &(0x7f0000800000/0x800000)=nil, 0x800000}) ioctl$IOMMU_TEST_OP_CREATE_ACCESS(r7, 0x3ba0, &(0x7f00000001c0)={0x48, 0x5, r8, 0x0, 0xffffffffffffffff, 0x1}) syz_emit_ethernet(0x227, &(0x7f0000000240)=ANY=[@ANYRES8=r3], 0x0) r12 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$IOMMU_TEST_OP_ACCESS_PAGES$syz(r9, 0x3ba0, &(0x7f0000000100)={0x48, 0x7, r11, 0x0, 0x10000, 0x0, 0x0, 0x4000, 0x1de6b9}) ioctl$IOMMU_TEST_OP_ACCESS_PAGES$syz(r12, 0x3ba0, &(0x7f00000004c0)={0x48, 0x7, r11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x23b3b6}) ioctl$IOMMU_IOAS_ALLOC(0xffffffffffffffff, 0x3b81, &(0x7f00000002c0)={0xc}) 8.65255784s ago: executing program 4 (id=1258): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) syz_usb_connect$hid(0x0, 0x3f, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000000000406a05014000000000000109022d"], 0x0) r5 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) pwritev(r5, &(0x7f0000000180)=[{&(0x7f0000000280)="0128448e", 0x4}, {0x0}], 0x2, 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000040)={@multicast2, @local, @local}, 0xc) r6 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r6, &(0x7f0000fd7000/0x18000)=nil, &(0x7f0000000340)=[@text16={0x10, &(0x7f0000000380)="0fc733260f326766c7442400fe2700006766c7442402060000006766c744240600000000670f011424f2d81ef52eb891008ee0ba4300ecf466b95703000066b80600000066ba000000000f30c0370026670f22a6", 0x54}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_SET_NESTED_STATE(r6, 0x4080aebf, &(0x7f0000003680)={{0x0, 0x0, 0x80}, "cb31455c9ea4288a70a2a6bb8068fd95dd041cf5b177a3bffe992dfbbdf959487337b92336ce1de32e7695c411c0bf9f852d2d71192f33001fd51f5b396a55cb98699a09d21648c4cb30d9d7e3e397c7a3c041c76c72385a46c48c5302848c3696facce956952c2a85822ddf20434ccee5806294ed563ff3a972cddf6ef16ddace933d8a5adea40cd3ad40c9873c29368838e815ff59723519154856b2d5cd9cd79a97dc2fa08dada1175817886e5f9e7aa3dca783a44c667a4806826570ec6acb57d65efc313a384e11fb633dee17ee600145f2cb3103384606140021be766fcb7fa029f0513bbb466177ca1068192550bbf4e6f5694aec747a16e27688a988fa595bca1761b8e88a7dbcaeaf97a8b7b53058b1faf880dd6f1b6eb4c7beb0582b4007f1a67db1352407adbe1456bf762c94fd825b9419d74f63cdeb6c6976de1890d773f0c8088d2bd48a838cf5b87f5ddf926352960fb978874b0f175acfa55ddfe84de3fc9f75b58bf7a35f33d3c43ed5e3224e92751fa1b43f94f64b681163ef1360a3f3bb7403afc67a188b2104b45c5814aaa9e218552498bf85f4b221d9acc32a331f5f8c109cc9f335ff4e418ab30b54b99d5376cd928c431fc8211fcbaf64716afdc4b6d0417e04d5723e4675d282b36bef3a3a19e855029ec7c33830a6df19332b63e9d8a0f22d96ac230c67657a4e7f7afab91dc0ce751b68980e5a4f6d9d6d9b98802ba9d8576640eea61b8c308a1745df61560e56108bececa3016d93246fdc8b768634e8319b1ffde103c07378f8f4927baba05e992a4b5af0958a7e495e7ce53f7917451d15a963ca14f5cdc4563775688b6533a4b97e0f84b0a33c30077b20805c1f42cc7815efada97ad59ac486bc9e0ee386b49cb97b47fbf8f919f06c75a49636795054b5ebee3e91602c90d7f4db49220affe56d56b96e4f662b2bf36dae482ffc7ba21cbc55e21b73309d6b7aa5509defcb77c236e43b579c61eae5c8d8f8fa71ad876b96069f2e4352c8aaf16e299d21edf5434c0cd9b25cdc9210fb0de759b1dd3fc7fe4c7118bbde72a5617dff21f7a5036448fba7fe41aaee0c289cd076d757e47b0713b236f6f141ba0112c9312b3ec853aabafdf1eb2cbb517d2d7352725f557214d27d9a340af0128fc960a4ea64c933b0d8dd226b6e024471aaac8a7074b2a8695ab990fabba5bf315d246fbfe4260f1fffe54814e33b6235c5b4095437298858909bcbd40a8a286d1bedb06b7b1775bce0a5bca19b0a5c2fa8dbf87b55ae0a43c5086422e5bacb94047e150451f5996420b0d4a697f59decb49900b2b9c13aade536933e14d672c21a35cb68572c3de02f3147414eff4b8674b91f7aebf35f056a8d388f67f8ef7cfaf6b28fe745831ef41def1839791647016932c70685752851327f1837d2f1e9d8f93443eefed2317119c8152ca451a5d3aeb253fb484283f52e5db9f61f059ad3c217a860ee0571d254483501b00699208c7fa5571cf58b9715c954115bc2db0af28361938bb95ced7370c8cbb6141ef62fdbf369dfc4eccd98ab9886d79a52cbf91a27dd0f4b29940492e860fb94654dea54fad6290570760e3b59a0cf28053732472dc313b5fedfc583fc702a880971dc61286370aaf167810455cce7654dc4325a41d9d1944abcdc4d81378f1e96a8f94cd95b886a01f086e379601504219d57d531ba34e1ba0905785fb629c61f6b940a652cdee9dbef12b7fcde087b92816db3386a5769049ba00788e31de4ddbb8b56de1fbe3a5e671728effda7cfd0b650cf5df2faf22470812efbbb548e47cbf36c64e05a7877820f08948ceedb35e12a4a143ee0101a7bf0a00a4062b50c39020669700adf739a6f75352a45fd1373d3e85c3867170373f0c7a794d8590f4c22ae62d438ec365b0f6a15cb2ffe0fc6f57185e1760761bd4370027c01dfad0502f00b6898115df3c530d0b0b4a64e623fd580b528a733e4c881cf5843a975a97f92a7833527887c79fa8eec82b9526a15c6c5f2972083ce8aec735810580ffa4ea2cef4823aee044dd70927f7c07bba18b930006aa86ae7399ac6b4c24bc9d6a6ab0c5b428d7255d4d983eadf97e10c1b00867da29ac981acb453073a37236e7ae808e7759b2e0cffc3ec43afb1e95cd090a7d4b9225a0e3cbebfe49b93846ab603891e2da7d85a04bf42d12d16a97c965bc4911d3ba7a9ca505794d8744fef00a436089de67aa8b480070230dfb002eb91edaff428d4908a87afae418dff7ca59aefe1ad8f6935f309fe7985c2310881659c60a66a5e50242497ba1cd5d2bd79496ccd23f9fd901afc6622829cb3701caa50f96e09e3b23bfa3181b74ec7dae2e42c9caab43e49ae1d922a1a1eb3682de026323d9215fcec42c54401a1af81450830a4b784ed1c7922734bf3632409147680dd3fabcef296353705bb5c0e650e12905a05db1e7923923a96ddc783fc1ed46e2010416c37d9d149ad73e808bd6e4464f62893024a8501803b6c88fc55c8bbc1da7cbf580b5a81fb7c61455ae3a8aaec303fba12e0f2b51ed5e8bd31db40e8bdbd00e7b1ddd364766c974d813d86fc88a27bf82bba60c62e5f0f6af6bda3390f8e72a2811baf3d6325e70d9a3b59cab1abe95290ecb87985567e1243504c038de9d4d100ea64eec45208cd8d2474e646f7d81eed6d59b8b0859552b6fc088d874cde3e75ee30243dc9d88ed5b577851a5bd9e2a453287025777fcac19ac33e1c94b4ad272f1055b16b842a6bd6168fb45f1f74ed2467020df5431068a5f2cbeaa6ac1841308c7c9f752aa06927f91fdf18ef9d9e942367e5ecac0abf4d3b8fc7b80238c0e7faf2ea7d3f5271028fc558a44799bde63168becc67c5531e843336fb16ab618d37f95a91937b824bf896b044146bc3a5e264a8f23ddd00729cd9aa56d9a9a24b7ab96ae021b193d8874d43ff4b723d86b7564e550378599c3e0c7a2b3d447ad76eb4cd699733d970a5ab218429a1af81df9c8013d6d16a6bcb019f6ace4461cdaa785d20ea027cfa53d521bb91ad2c04aaa6c0f268b14924803977633280c7b7beb14c88fae542b7a13e96253259e7296e37276da88891c14664340e84ae732edbd71e67047e476735b220ca231de31a380ece372db632ec3cb3ef5ac97ec41148febd2acb15cde1ee5e990ea0aaa95c2df39e2111dd1185d14a194e22d34fda8f54e99d3a73e5a231682c726d40816e048c1d059bf3bb9ee2b5f895365d95aa28f6adbf6e16469926b4d8ee7f04c7dbafaa444df5b88596c17874f0efe35e5ada1a69634f4b430f852d33b032f823c5deb54f47a7a4adb1adf56d5440b7a917580004c13e0b36c8e0a203a2be3f8fffd9efef3af19389a12c67859d4381ac0a02da18e25931b41216b731de25e1245482c84d45de1cddbce2109322a3428bff692012573fe9efd02109dbf35c5d3a287dec105cf3f1a2e5f0b1cc08c7b4759766d25d0f7b42c3ea8bf8101e61159a2ba7602e9c7947cf936ac39bf59b24084709fd61d704bbdba7d282aac778b7ec1dcaf984527c8112d56e75ab774d1598d9816abc77b0e693880beca5f330c626774ab5cb6967fb0ea8e14efce120947092c3b6f8a22f07cad22e971418092481fcad36ecf0cfd6bc3864115b8507c13554584f1f6fee5ee07eb6a091638d8e7781c1c006166e0f987f9f4de535e9f3df1db8c9328e9a19a73c76059ab4edfe9eda7f16cc6b869229bafb179d194e20ccc6f9338183b673de8138ddab9a0907278f6eaacc55bf59a450ebc10e0b88c82d9f0deca86ff771f46509250fde94e0c94256b77616d099862ddc9b341838d634a9dc4b55a88fcc6248901135f6aa76365433e7e534e0e5ae8eec2a63df62c3e244a40481189ff54122698c7e2da2c829b2eec9efc9894ee05be04ae6dd48406eaace17827e38bf38b414059aded0343e0711a8d864ff41a8d9ed40fb2aa1a3f4014f691cd0e8af62445a021820ff03afa8a192ee255862f306851df1de96ce36cafb6a60b7069db7aa96fd1ffb2fb01e6247f770304dffe4b1c8d0eeb336dd6806d6ab5d418953b1cae7cbbf53766b61e4aad5cfce8255b78af26f9bd11283a9c7d12cd63b82cd2b506fd4061d1e16fc7c713d80763c3b0aa0faadcd9b7d676101aad80e1ca00369297e1f714003ab8d0b545c335014a522a25a767950963ef821425b79b521076166d0df3ef358c7d60d99cc85463c186e8faf16af79785680382e4cc93f6594f8c4461e0988c08717640df24a5f357db22432fcae21702dc792d201212fb3791e0164bb3d433a8268ec96df73766fdba42965e00e619246cba5d96eb853a7c22c34d2fe5e5d3f3ccf9c627d069517b743cd07f6f7b444074bb9a50269f2e03309c58930e56a9583eb00c37fbcdd391972261f41756c10c8899fcd036e2017e088ef9e6ec31f795d55b3bba214c53c98fc9318e4ade0e7e6fd259aa277fed54c27e5210787a5f6937f56fdbe1da5113f059061ca590ddf536a55cb91ac6ed41cb9c0418b115b29f5e823c1b0ee7c2b3982087763545b34e2c945d587ebce69bbe299a7f52b674f351977370fc700474bc15d7e6ef98c14258ecf401a4f3bba1a9aa76c5ab0b8819fe6efe3fba1899909e5e48554299150ee272451b56142d12ae2bb4942db430239701d494917f2c939a6fb9d98d4751a6f2c4537ec870342d223343a9bd7b8d8c99aff8cbfa298395551185f35dec120228073a1e496a58b59d9ac5986249a7c6db9398395cbf341c08ee910700e2daa042dba1846fef59c72ce872bba2046a14fcf9a47a5686d62bfba76309a9865c26e5fa41dd872fc749fdc57953105ace4978f9eb788c8d061c853ad0313e51e732c5d7bc05e752443c8e99b8e81c688befdb5b14c3cc2f96eb8ce8290303e483992fcbece1ff278d0dc036ad437b6cbc695c7741ba4556e242146d40843c73deaf8fceba40e4a4acd739b3031848b17a210a1ff0dc1908b77c4bb94543af52e1fe2a090c8f217428d02336303f7952c3ddefa7c81850676e7f4cc3d32c3937281fa5ab279c3fe39f92ba077dadb8c2c3df17cc511bd33c41cb161d24aea154f0f5902c94b56fe072d321a983668bd9f4838878e66ec44cb233d7d0ca908a794c844ff8b3ba4c57f6c5fc2f3a54db448b013f0c4998bbc6ed0409b3368391cb28c6df4a909fff90f308ff38c758ff7d8a2920bc221236d89b3b76de44e8ce649b32f5135a0217ba9036a8edddee97d7ba15f2c21fb7d3cae3eb6ef09dd03eed650489c83b5ba5dd9daf7a86cf0544fb8a58e46b860e3e42e10cd6f1c4f81179eb2c3ba611793a32abb4c0768db90e8bdd1694efaa9c2b45c89d203fdfb8b926b6a0d666d91b93065a83184fc2065961f2308056241b66f427c0f0aabc75852c90f0624cf036d537032ca8d73325d2ae2a79a7292c240c34584bb881fe5d468a051cbc0bde061f9eddfb758cd2dfba296eef549e5c4ede097111216a0ec60f90e8d6f5dd843c82e15f505f8c74e854ba9cd386249d552978eb8135a5f8c79c3ceb8dd5828b0218ffe40f375d6cf3ff2f47c276c8169ab98336582a852c1535018fb2306aca6b8c9f9e38d64c66a722762b76c69d4ca6c14bd6992549e4eec17287fce194467f972d9200c3d1ac4fd4a8f2620e2e4281d28c099946ed90789ba122705326390d3e058ceed24044e542efb36416272eadf6304f30efa0b7bc1ae5be92fe50e591ee6f725726e917ec113506920beb2aa53b39f1d76b31500", "cfb220c7d481332f3f1f8079dfe27e23185fd67a407358db7892789f96b7fa9b14daa48617a10d8a91b820ecbaa470ec0bb1f3cbce7f70ec70b19a4cad082229c2788f8611d7dc306d9a45761a97828c36ed87ebde5d4a3e1609c1422a8ae2f7cca428ebdb0dd38b90b9598a353b18a600bf35a369e6e3e5abb0a1c5c0c0e48e014e7ef1b7d768b3c5657f1adfbb7ff2985082b16c99eb83ec3660990dcf1106efa6b7f8a4798fec811c2c85faec0235c83b7093b3d02367421abc40a554e0b0d7fc1bcaece4222c594f8d20e368fe625ca433c75486fe5c94103cd17291349ee12b877602936688666f82ecd8f4f83d50bb1650e08b96cd25ad147c4c956c98649806a3736d072c8d97c6e3a46a7c18535df8d828b86662400d8e9cc861fa1dd5dc193892d3168396c499e07b279fb76c7e289f2fd955691363bc1de74536dc571817615c88b0d594a136966c129e424ccb7ef1c7c7461eac7ca5f03d72ea4c9c3d1156ee4cb1bb70e097357588b5c49f6716bbae1bd118104b42786f09a3b9f7cb80f383cadfd0c462096ff2bb637b7cf79764b6a4b7ffc5d87c1f063fb48e7f08ad5af534c70079f12f28e8921abbd4280801cdf6101ea494768b1274afd0eea5939843d56022a83590920fe446d52dfe699c33977d5592dbf7e0e236b8175d7faae06e0c50f7402174023ce4b996564e945c416fa823f2f9c3213ac50b20bd1fd55bb8d9fe70ee31ea2f404ae0fcbf857bebcc9196c8c622059fea2e248e4058905b69fb98be312d3193ea1d8ff653173e8c2371371b77a5bea45b3cd6fba19b6336f94ec04c8f86d24e9ca959874577d7ca0baf3c4ff30b554bc3ccc06df46d925373fbf7863e2cf684d3bc9603ab72b851ca4728294de87f2dec6f23ca9e43ed2e5cbba662d13137fc1ce0f6ae6aeb974f72f4b750825fafb67715e425f40c7da83b92d4249a0a4e96b789cceb7b07f38cb83f72dd093a345ab3cb8ae760fc14e40ea182a0d7fe1facc62a1ab0902349fd7e27bb0cd349fb5053f4734823abf020739b4b43bb11f5d69b61295068df31177959903c2ea1bb82d24eeaa93d0d4738d5d15b2a401e7ebe0d3cfbd45b2db2882cdb41408aaa718f8320fbb7f9da4f68d0eebeef175442e807e9908132731fe5e268582dcf6dffa4251ebb7121db8e412089fa9d8af9919799547a26b6b8eb44c28f1ce5f9a3021fe30841be204c1b4b3813dccae6baeef9b53fe413cbec46bb0cd95d3793cdc9bfe6cdd96ce0c4aa4a25e1cbbeeee6c9fa558b279048c7e31d07b125bac68d4e1f4253bd4dc7824cf3d722c94cf2b8f61bc8155731f072fd447082b181a13ffb8c08a1d568298c5de2d969fae2bea070a9e2688f294e76b8c200dfb993ec19778eb56ae3127c1116ccc85ef8806fdcb9ee0cb66ff03fbb0fa6c52b9b101b3830fc1650efa859163a264b4059092e5dc9a415ec09bfd1460f142fe5ef00beb6aa9032bd0de97aefc6f65e8cfeea761b3d8174caf528b6627682ff4d4450cb0f34251fc000ed01dd538ef13260984f44703b89dfb511bfb538d0b1c8aded964e1bcc5ca57437468b14a31ec0000a17e4d24369c40500449c37e7dccedba3eceb59d827dace246b5c48afb6a5988e64c560b3dc76c32d831f51cdbc5cfc4364ac8b25372b87c92bacfedc6bc8feb44098dbebc89cda03c59e4c58a31372bd574704b9e788834b9f83c6703f6709efad97c4ce499ea580dae1de282a019247cb3dce5c1906322e6d3ca5157ea6428bc42416936fac194efe136089c07faf7adf1e923003f1dc63fcbc634b389a4f351a6acee785e23c6bb04ca2f265be1e634362b87c6f9fd369bbe62a1db6b286c7ffde6370bb4d6e9e0cc3ec451e1a99d134726c9075e71319d3a683e91e4b900061c0e6d086481069cd32f4cde7816f8e3a0ac6428a7488f31f06ee0da10df3ed0c150d29085879d064f914407f60018bb588735663647bfeda930407d69abef3f72fd461c2b85b00988b412a180fd267fc646a86d297e7e40912607157b6fa873df6442579b1523d8117f0c06c87adf75843b8bff30a5bfb4fe1e9846b7fdd58774641baf9cc9c4e38e53ed24a9d9e9dbc7657aa9b220a8545852b0409f5c0812e953823e841967bf55059acc7a4600818134359e72cfae0d04a0738ac8acca133d6395a455b22cdd6f901d4cdea1cf17415f7d7895a4b65f80d2f7c5c60a0dc04b40c9ae5ffc922e074a82afd704673e1766d19db9f60eab0238fb4a3169a08aded607847e5d752d4e24c4914b95bac3892bcfc2076f16a7f07583f0d418b9dec03afdb2e93335a392e1b1ef2910eb2a4b6a63fe61641f3c02bef73cd7e4a77a6f30ae821598c3160511603541bea89022b54f321c2a55cdeeb19335d78a821ab6ca0f36588a9a79a41e2123905a491d658c2a1caeee998c995bb0f816c92c5dc2b862183f80b9f9786c9c5524723c944d11f6894c7f008ab8194f577e22c03631d2a33205f508ea49653e7600639242dbaba704f700ac227f32dc575c559a0a1f4fe0cf6c22fbf7e1ca2ab4b1e4724e8379021e3c9a7c1509c6a413bd7d9c98938e440762eda2546d636597defa86c1ad31126a1182d365f858927d140fb0a97f80adcc5f4ed5efe11ac503453917a263f1d64692348d30f382e85e464ef7616067a42df5de1a1b622fabefe2ca4ceffa4801f7a02fdef40644cd1d079590d900727628d54b44db7ac700d8d664f7eea12837fcf347360d8e43a354fe51b4c49e8fcda3c322b738ed2b800b5cc06e22c72af2a67ee7bc8ae894e841f2cf2b0a7e381caf944bf4e91ded63b6f82f7474e4f81e986fff7e5339b8e9f60103a1af81833e120f0c88893ecabac044a4a2867cda4fdcb084459a00507aa9e5a8e761a72df3322a1ae8cd918b4994c23bdb1e459b4f21651bd7fa067a00e2a2877bf6b29f289ed8018e0a78f6fb4ded9749640e0e37f6381b320ab72da404f3d70d60152f6fa6738932387b83250cb3148141edb52f109bfd4bda8054959db01f4c550609a63c08cf01ecd110cfc6f0055638c0dde039d2ac2daafe59e561f9f08a8830c3f661e4325de63e98f4a4216ec3b83fd200201ed3f647147611424286ffc6c4a8aca64a6874743242d4feeaa9153de06e51c512d9cab7ae712c6424069f3e5db4ddebe9b48b5f6caa741162edf97674d2368e03a387f798151a4b9b9fa9e3a5838a343133158364a9fe3bb4b9a3c464c0c54a4c64ca774ad200925ac6bf59508c10a8574afde9b821741af43ec64cedc13aa220b39772195283506dfe899dd6a7b37eb21f154056a2df3564ef2bb918a928651de88c3613b84e7960bddd7b46b1304deb30f57b6fe5a3b4788629e91bcc2456a72fabb16b47da71624d2e9081de748b3387f52da4bb094782326dcfde0827e2d674e41bb375247d349cade9c704e5431785009b0e53f1b45c70b237c9432e07e4c7a8464ed11608a3d2184338dd9e6f6ef4b3d751e979667b6a3953c89aff4eead7a978071a912b3de21a85a5849c57933cf53cd74a610f3e60f699766fbc7e0bb8a891a429c77bb6f3b6f9f8eb0b1bd9588ef2ce98fdf0a0838e4b0bed807d8b673093c717feec8d697e32542274887d039db7a2daed5d52c8e9767443229f8003c5d67e907376ea2f393484fa70deee159cb56f8d097b8fe2736e95f540137e20725f0940a8d049068ead4c46bb3771a671bb00de88931e03445a55868de0c220db05cbda9f996d5fe7c1070efe5e718fed4d4cb4ecacad3d6b643bc0ffe9a71b720ba7b5adbbdefe29106ef6a6ffe4547f5d02bec312147df0abe80efb2d5e598fc7c8b268e58b59e0d75728e9a18126f013c963ddc92d251405f857fe3a5cbacf443be7772975b7bf4f6d7ed6f80dfcc47a88c6d19120942adb5385be6ef3c0d7e396bcac5affc8f9276d6cd1a0b069aed72a98cde8ea7aabe6cc091b19efcfaf9368dfeb3087a05a42e3b893dae5ffeb72e6ac06e995a2a75ea0b5f7876247bb4c38cf3f0153f1f7473b522f1c440b632270e2b1d654d3a5ae16cb788482760d34ca79c8951b29c628e21029715683a3e6f8f77c5d89ecdae37e0190f79c4c1dbc9d0160e359cd6c94d6662ed53bb01a83374ff593c823acc59241b11f020902069fc0054a9b26cb320bef4fb1f8cc5bd8ae76eb029afab731b9876bc4e8708a8315512823cff1f9375d284ce66e53d4efad6c76d17bb532fc938b8f80c13ce86b5ba3e540164bc5a5d47cd321c241d8740f453ef95bd3878d578561ad6ce20877ffbd44062dce8df1d048d8d5e4045be647886108cbb1f0b26a8b74b66858afedb830a161bb02bde4c46a688a0ea3a7018ce24666aab0f422ede2f78ea29f77e28d87c744cba0285ce33d0d9ac45774829699de6d725a9b6db6e7d03ad4ec9d075c386e68ca0bcd9e9911d741ed0168cbddb87a7918a964d206629da4e887277b0ef7d3f9c7082f3f15f29a0dfb39f3b0877a5ec3ac4343e0d808f5aee8f1869923aab6dfc3016821c013109f34aece6183994b853d0e9561375c02cdd26b1b55194757341929a8038864cedd6b5a3b8b51ade44637044c4ebddb190f173969a0ca4cf5d42153763a0b91da0110ae7a25204850927d81b00176d4568a3d444d8029bd010df784e3f673fe855601ec4f1b26b2df58841e6a65f0db66373f63cc14a8b07dfc52ac9957eb542d05ed687c79519609de96df18b63cb294b534ddf7d2e8f41bcc1e5a006191c4db057b6709f0a96f18e7e8f67b8be2a19c015b9c4b0b3f42e4de366b71f8da8888809473c3c7a02a1158e375f29997a43bc7118ca4d1abb8f8f21972fc589aaa3d73a4d40a1e1705e169ac6e56cff50d89fc45b6863c8fc67bb2b5939a7f33072539ba4c24077be5711ba368bf7efd4897931531d388eb5c2e56bef337777150dd59518652145c9594e110e41d2615196c6b197916c88cc2814e13a3a922b4ecb044bf31cc90e0bfe0ce07de29188bbcb0ec1a12b509f52582fbb948c3cbe0c6964f46991cec0704bfac08aec6ad8ddfc36dc68c7f547c5ee6af4a8d55c79e3dc1c49b045379811f81e9a185a92cd37ae4ee32c5d3c82d36d6202a6c84fd231fe467071d42072827fd77afa5d757e6f37247f783ef09bdfd7536b666e84bc4bb878005b7829293a04ba090272dec844f4ef0e934617c08518bdc6b915ac6f3f03e4a6ab88e21c3f21f93b31d95ea3b9228e0031cb69795de5abd19c4cb4a0cf2984e53ca391cc66e33ee0d510151670331fa264753704fea5e4b1760f74890c49a74a47e0da13155c5470013d53dea0f05b5e088f1511c209f5be940232318af2757951d399e32eb862d915784713baa8ba93645caf04ba78fa3cf600ff92b9c5be58ad87438a340bac00a5ea9fb17e39478ba61fe36335e48d8c5a0b25f024cbd2ec7f217d0f260951da396dc13a2a74cd90df4b52db686e3b34d27cfa4cebd7bf59cbcfaf4007dc943a1da6e0bd1799a21ab449d7bb42935e50c839c5b567c59742436af15bc8d46095520dcd9273ae2b6f3c1cc2b4311ac9e5d297f0940b1552c5955adb302022022bb7457978998b56328629b7725dfbe3dedb37f37af0697a4471d1d6ff6bec633a38540adeba903f3eaaec5785fbb3c6a598f49dbd9ff93c67dea1ef39a614331b119fa8efccc8bac01595fb95a2a57eec9fc6c6fe82782aa89ea971866fd9a3bca4010182092ab6d1e2b49b964be9e3bb13bd6b77850e435f55a5d46e5bcb3330c7edefd31c33f61275e516"}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000180)=[@text16={0x10, &(0x7f0000000240)="240066b8010000000f01c1660f3880310f01c5baf80c66b8b81acb8f66efbafc0cecbaf80c66b8bcb4ea880fc7a20068bafc0cedba430066ed66b8579e00000f23d00f21f866352000000f0f23f8643e660f6db79a5f6766c744c35f00d93f19000066c7442402000001006766c744240600000000670f050924", 0x7a}], 0x1, 0x0, 0x0, 0x0) r7 = syz_open_dev$sndctrl(&(0x7f0000001440), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r7, 0x40045532, &(0x7f0000000100)) r8 = openat$audio(0xffffffffffffff9c, &(0x7f00000000c0), 0x88602, 0x0) r9 = ioctl$TIOCGPTPEER(r5, 0x5441, 0x16) ioctl$TIOCMSET(r9, 0x5418, &(0x7f0000000140)=0xb) ioctl$SNDCTL_DSP_GETODELAY(r8, 0x80045017, 0x0) r10 = syz_open_dev$sndpcmp(&(0x7f00000001c0), 0x0, 0xa2c65) write$snddsp(r10, &(0x7f0000000200)="a38d", 0x2) ioctl$SNDRV_PCM_IOCTL_DRAIN(r10, 0x4144, 0x0) ioctl$SNDCTL_DSP_GETOPTR(r8, 0x800c5012, &(0x7f0000000080)) ioctl$KVM_RUN(r6, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000480)={"8d515ad0d4959e52f84c77371936d145c84bd6924b2d4aab3d227d8ac8e59dc4f25f3b73319df60a62f18f50cae3514d464e6a20121017689f1c90d4df627e50f686017425ebd3f906fcc7b307772a0dc0cd86a311f911fd367f28b865f1dbc554aec5e91cbec5ab49160a95498d58d7d7034c0d1de5bbeacd2ab66a0128d8932368e955a212756b67c42dab89795885d71402af44a8b1248fb3e9e7fda04dd2fe8618ebdaee73b5405dd452b4cee4dac8d56e1ab1f102053193d082eae2e7c41aa70a97d25fab38192f3f8cad809d15a9ec01e194301c085eeb9b957fededc9715c8938291066e2ddf61d2b245ca67fa3404394524470f0c26d44f3d0a1193abeaf20beba7d2608ee88c99fef7b1bac18fbb6140f581d140c1763f80016d87c0502dd59ca2f5b098f7923d78d3b5e8335df5c64e07e2b4935749ad00ed900d26bb2605ebfe7e22ca91bc0ae9da1b94d26e0e710f241bcf88e5840a3f5d82a39d927f4ff9dd8671ec8b976313ae4e59090b82040d8afee13705889f03ddb17d4c3d1a2b149d2cf704c5cd3437bc7ad5624a24b860f5268c5416baae33a73519184c9e974ab12aeb868ff553b74ae703f709d6fc0e741f66359555ee442107693765be13553a60a934a36e0d21625aefbd7041bf27401380b8a0a2648827036541fa49f1126413f74aead0c51e492dc449ecb0908dcd1fe0177e757189068150ddbaf5ca785b32581a2bb5dd020f0fd4633862b8bd3affa184da71a823ee2eb65fb7546a99df0847224683a6d26cec014eca68b38cdcab06a7758c482fdc3a541aa6a53f8b001072162bf681ce5caeaf4113db9603e7064ca49b16d87b75ee0479e81b0bca69094b445058f5ad9c71ef285b0ba402de783a54146443e16d8a8d8f0cb2b51ddceb95005ffa953d48f285d232ef2b4c1603a6f8cdd30b3a6f918a4dc25167072e24c6ec2091eb25a6581125f0b6dfa6dbc10e53790b7bb2c4f73c4ee36868c7eaced3f7a63eba8719ae74e96c369ff1a0e90d8be00a0e1fbeeb9d264c15abe04e96d9fcfb8b6b0c1daf50d692253e4bad865cf28989509f13264dacab6b6e3f74f873f5e4c3a0be77442dde349ca0e9988b95715733e48b308b417ee3d1efeeb7fe713478d33c803dcf79452fd56dbdab9f9e25dc0feba5a1397317075deb54933ac8e609583e8dfa4424881eefea63d20f1ca8fa6b239bdfe05a8a432fc74dd6478525312505d03d30bf8425595c015c3a5a1cca8fe9070b24323f5630a846f88f0131e641dd17a755bdeb74c300cd00918efc5a0cfb82dd5619410838cb19ba48ce48a4d8bce5460473e85c43609b22fdbdbc602ac148b849e5a3a530b0ad3d4dbd89faec2f29f11e0047c0e775e3b6dbf5d9803542983896fab203975b2d1ea7edd3592441ba9a944de75af4769106daeaf0b7a9bf023136c7a"}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 8.466773014s ago: executing program 3 (id=1259): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x3}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)={0x78, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x3f, 0xe, {{{}, {}, @device_b, @device_b, @from_mac}, 0x0, @random, 0x0, @void, @val, @void, @void, @val={0x6, 0x2}, @void, @void, @void, @void, @void, @void, @val={0x71, 0x7}, @val={0x76, 0x6}}}, @NL80211_ATTR_BEACON_TAIL={0x4}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}]}, 0x78}}, 0x0) 8.184283609s ago: executing program 2 (id=1260): r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000040), 0xa0201, 0x0) socket$inet6(0xa, 0x2, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'lo\x00', 0x0}) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000240)=@newqdisc={0x48, 0x24, 0xd0f, 0x0, 0x0, {0x60, 0x0, 0x0, r2, {}, {0xffff, 0xf}, {0x0, 0x8}}, [@qdisc_kind_options=@q_prio={{0x9}, {0x18, 0x2, {0x10, "00000000000000327725b175d9e33f00"}}}]}, 0x48}}, 0x0) r3 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f00000002c0)={0x0, 0x0}) getpgrp(r4) wait4(r4, 0x0, 0x2, 0x0) ptrace(0x10, r3) ioctl$SNDCTL_DSP_SETFRAGMENT(r0, 0xc004500a, &(0x7f0000000000)) mkdir(0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, 0x0) r5 = getpid() mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0) remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0) move_pages(0x0, 0x10, &(0x7f0000000140)=[&(0x7f0000000000/0x1000)=nil], &(0x7f0000000040)=[0x1], 0x0, 0x0) sched_setscheduler(r5, 0x1, &(0x7f0000000100)=0x5) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r6, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r7, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r8 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) setsockopt$ax25_int(r8, 0x101, 0x4, &(0x7f0000000d40)=0x200, 0x4) 5.538038697s ago: executing program 2 (id=1264): creat(0x0, 0x0) sendmsg$TIPC_CMD_GET_REMOTE_MNG(0xffffffffffffffff, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) r3 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCSETS2(r3, 0x402c542b, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x6, 0x0, "85000087fd000080c600"}) ioctl$TIOCSTI(r3, 0x5451, &(0x7f0000001280)=0xa) 4.105973517s ago: executing program 2 (id=1265): r0 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0) r1 = dup2(r0, r0) ioctl$DRM_IOCTL_WAIT_VBLANK(r1, 0xc018643a, &(0x7f00000001c0)={0x14000000}) read$FUSE(r1, 0x0, 0x700) 4.072881644s ago: executing program 4 (id=1266): r0 = creat(0x0, 0x0) sendmsg$TIPC_CMD_GET_REMOTE_MNG(r0, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) r4 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCSETS2(r4, 0x402c542b, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x6, 0x0, "85000087fd000080c600"}) rt_sigprocmask(0x0, &(0x7f000078b000)={[0xfffffffffffffffd]}, 0x0, 0x8) r5 = gettid() r6 = getpid() rt_tgsigqueueinfo(r6, r5, 0x3, &(0x7f0000000140)={0x0, 0x0, 0x6}) r7 = signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0xfffffffffffffffc]}, 0x8) readv(r7, &(0x7f0000000000)=[{&(0x7f0000000840)=""/4096, 0x1000}], 0x1) ioctl$TIOCSTI(r4, 0x5412, &(0x7f0000001280)=0xa) 3.908041406s ago: executing program 2 (id=1269): madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)=0x3) ioctl$TCFLSH(r0, 0x80047456, 0x20000002) mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x0, &(0x7f0000000000/0x400000)=nil) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = syz_init_net_socket$llc(0x1a, 0x801, 0x0) bind$llc(r2, &(0x7f0000000000)={0x1a, 0x0, 0x0, 0x0, 0x0, 0x42}, 0x10) connect$llc(r2, &(0x7f0000000340)={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, 0x10) r3 = syz_init_net_socket$llc(0x1a, 0x802, 0x0) bind$llc(r3, &(0x7f0000000000)={0x1a, 0x0, 0x0, 0x0, 0x0, 0x42}, 0x10) close_range(r1, 0xffffffffffffffff, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f00000000c0)=0x0) r5 = socket$pppl2tp(0x18, 0x1, 0x1) syz_open_procfs(0x0, &(0x7f0000000300)='net/vlan/vlan0\x00') ioctl$SIOCSIFMTU(r5, 0x8923, &(0x7f0000000040)={'vlan0\x00', 0x40}) r6 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6}]}) r7 = socket$packet(0x11, 0x0, 0x300) close_range(r6, 0xffffffffffffffff, 0x0) r8 = gettid() process_vm_writev(r8, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x23a, 0x0) setpgid(r4, r8) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) r9 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) sendmmsg$unix(r9, &(0x7f00000037c0)=[{{&(0x7f0000000140)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f0000000200)=[{&(0x7f00000001c0)="5dba539dee8a466bf081b12efdb0ce52b584e6eb6d502cccf16e510ff8f40dcf1830043ca80cc3", 0x27}, {&(0x7f0000000380)="1fabebe50e6af0474eb7743c580942d889ce10bf5fb26fb1129eb6ce5ba8f9896b73db19cdc01d8e40bce2c5a2bb9f0558c75bd2fda2f0eb800a0eff82549807e5007fdf1ba972b93e859cde95d41a41b6c85a95fd5cba87fabefb42be48b728485a4049012ad36d10c235f797ded8ad97345b969435148b38700ddbf98ffc391379e75c7abd412628411fc9f6feee69030865d084b843878b70b41c232a1e572329e59c3d67c005a21ed5eec8386a0d24ee8d281945ea4de7d50d141dd211d3ede1e9a9aa85", 0xc6}], 0x2, 0x0, 0x0, 0x40080}}, {{0x0, 0x0, &(0x7f0000000a00)=[{&(0x7f0000000300)="77484054c3e37d4bebca737759f6d3f5833766f059a2059bea22d6", 0x1b}, {&(0x7f0000000480)="d021136497f1fd6045907b9fbf28f4dd449f70a52cbc141a74f1f783b8e65a1fd8e161c893495657fa0c856a8c746b06bd92544203b0a1f098aff7b270662b58ee15", 0x42}, {&(0x7f0000000640)="6fe5672a8cf4c147863ccba0534a0e6ded2df1aaf703b56c94b79f0b46e0d4af8f1442088a40a76ab5c92a77f11bd422b31b38430dff735d36131bab56f1b72d5c3566d7870af2e1c831ea2d066e235797fa1efe4d0cabf8dff07e3a772b375e1342edcd27b6890da5dde4cb41dc683f43791668923d8dbc83042bb74c5ce77cef6c18524a1c1185d69cbfa548290d124bfc3146be8028d008de8a385d38868d1ab5ff5e669ae2e678e9aa7c3070da951bb030f9b2959532a7c53e179365b2e2c238680c", 0xc4}, {&(0x7f0000000780)="8e72512175221d9128d7284545e53fbcbb60eb4d10be6a7434bba04ac13e1a25b3d5c54e7fb84a2cc9f03c326d4c29d77fc141462d1a4ca7dff13ae75b8830a8e06e16f9aaa399fc4c32bf12331cfb45d13f7b499bb9834e4a16faf03967be2261577ac50afb8e2e8c24cc6c4c4a62ca767a7528dde6a22d73d98276e03c976be73850e1dcc9e532730f22d722778d62ba3c9a2e8c1ef2ee2d65977c739755f2ab78bf0b27ad316abcfbf1d7c2e8686c52683bda4186c9d6263a85375e1fba85e7fd", 0xc2}, {&(0x7f0000000500)="8ab96c21fdace75b081acbe30b38d3aab1e703f62bf7b34630f5bad4617d1f26f5c043f893a2b8645847798360c7ade3acfd4dd09dea4b496e62bfb7fb4a4937d45b1709b9bf174303a5d79808d1b8b100a177be", 0x54}, {&(0x7f0000000880)="b92d9ea40996d31ae64e98ca5a000e6f380898d81e606af6008a808dd4b97e59169d4ed8b7153bb152b2973894408346ab07bb08b1e61bbe0830ed499204a3afbcba6ec51dbfe80b5faf0a5f306ee230eb7608bb7653", 0x56}, {&(0x7f0000000900)="2277e27cc679d2b5ef3ee18132ba3128a6dd15c91a25d8ee08d112903ef7f12ba9a159774d641639d4e9f6073b81d62c5fdc5b574274764cc2876218ca520881e0fad13efa610290d2221c93b2cb5c5beb8a4273c8455e9317bcfb19795b4741e6c9e018bf8a001dd87b78ca9b3763dd2bf9783e2543cdeef17292369ecf73b1e274099bb1d3b3d6de43c83014af3e27f73ec460a06698a5c63dc342fa4f01bf14f83dd0034bbd8944274cdb40b38f6d824f63673204977f8a357c2f41f30ba174684d", 0xc3}], 0x7, &(0x7f0000001440)=ANY=[@ANYBLOB="1c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES64=r2, @ANYRES32=r9, @ANYRES32=r0, @ANYRES32=r2, @ANYBLOB="000000001c000000000000000100000001000000", @ANYRES32, @ANYRES32=r0, @ANYRES32=r9, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000016002400006e6a80f0a1d800000000000100000001000000e6e197e1b8a97ec3f6d4de9f83ba1d9586f94ad391a854f64020c7ae99fa7fe236c08152e151999fe3238f89eeb1a25acf592ca0f797f069d78b31a88fb60d6fbfdd0ca48ea1eb903339c44159458e4da69afc4eed49bb0f4bbd2fc35d6a3a8c26714f3e94732cef832c806260832e32204c97c5f72bfa5912b1d471fe27d8cf27bc4590ea46ec7d0c92f55bfa70e97fe2800000001c5f443f022a7c84925b82a9a86f58c53d105ae8cc225f1f00000000", @ANYRES32=r3, @ANYRES32=r0, @ANYRES32, @ANYRES32, @ANYRES32=r1, @ANYBLOB="0000000014000000000000000100000001000000", @ANYRES32=r2, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRESHEX=r4, @ANYRES32=0x0, @ANYRES8=r3, @ANYRES8=r0], 0xe0, 0x10}}, {{0x0, 0x0, &(0x7f0000000f00)=[{&(0x7f0000000e40)="9fdd784ba8670b2bc3e2073f380029ce36214255925f3db7728a90526215c762d9972b", 0x23}, {&(0x7f0000000e80)="9e84e6d21311d99f6a153d215ab76cd4083a962bae8079690aa2f3c1b9410cb8ac81458719359dc59ffc91903b733b485b6c84825ea5e3127ab11e5d0ad3ce697cea00d23b8550cf179a47dfbc04cabe26086506f4fa9dbe", 0x58}], 0x2, &(0x7f0000000580)=ANY=[@ANYBLOB="14000000000000000100000001000000", @ANYRES32=r3, @ANYBLOB="0000000020000000000000000100000001000000", @ANYRES32=r1, @ANYRES32=r1, @ANYRES32=r3, @ANYRES32=r0, @ANYBLOB="14000000000000000100000001000000", @ANYRES32=r0, @ANYBLOB="000000002c000000000000000100000001000000", @ANYRES32=r6, @ANYRES32=r1, @ANYRES32, @ANYRES32=r3, @ANYRES64=r4, @ANYRES32=r2, @ANYRES32=r1, @ANYBLOB="000000002800e400000000000100000001000000", @ANYRES32=r2, @ANYRES32=r3, @ANYRES32, @ANYRES32, @ANYRES32=r3, @ANYRES32=r2], 0xa8, 0x20040880}}, {{&(0x7f0000001040)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f00000013c0), 0x0, &(0x7f0000000a80)=ANY=[@ANYBLOB="1c000000000000000100000002000000", @ANYRES32=r8, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000063ff3dca4331bf14d544f3bff10000d30900000000", @ANYRES32=r8, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=r4, @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES8=r1, @ANYRES32=r2, @ANYRES32=r0, @ANYRES32, @ANYRES32=r0, @ANYRES32=r2, @ANYRES32=r0], 0x88, 0x40000}}, {{0x0, 0x0, &(0x7f0000002cc0)=[{&(0x7f0000001780)="fc7c869da0403eb5132345998be5f9fa5b08f5e5c66450d342a19dcc406a6d59c411763b535f9ab895d2af4c92e35c8431218ea660350c28ccfed506af4556d97774bd8078b613330099962ba109a8f2e38256fdaa4a508ec091814d791489d6eb80d3e43bdd4b0e6b325ad2f67b1a2ecf", 0x71}, {&(0x7f0000001800)="cb2afec3f2f5c527c4700f474b3c2598bdaafe873d92929588755b216fad25e880db0f8d845cd66dfb219ee546cab434aa492349fdc97b53abc78411ace132fdc6bb4df15500ae6edc13256182964b897689270140eedbd9", 0x58}, {&(0x7f0000001880)="e830096f8dfd0585a1465b3f5703d7eb2f3fef092a598c9d4b6e5d927a03027283dec8e31c6ce864fb83e629d8e06eb4376eb4e17c1a9a9dee791734c7d956eb5e8e70ad07ec", 0x46}, {&(0x7f0000001900)="09044f0056c04c8aa20e037fce2108aa4763dec637a7775740672d777b53fe5fe23ace8897faf5478ceba4267f13646af3f08691ccb9a2320aae7677bf79833376008aa367a8f87efd58cee8a88be44fdca28b8f421618c1e44dc42af2cf53659ddda31f788f95136314c07f803ca3126bea0c12c5b841663830180bcd6526e62d837fbe40a699594dc9217ba3c8390f5e130f4da87f0f04f1ca84e62c310202a938154844dff398c18942317679ae4d0c7aa0d223edbead6c5773cdb248377699ca5e49c089efa462c9fcd4ea148ec790ee535550a38603ca1d0854fe7c72f96eb822430cf75d8dfbebef98b19a555b097aa80d708bfb3907f9889ec60a98e16c7df90eb30ecbbb9b1193561f69504a79d479f98e8e052249686f6619d226f483bacf94273f8b3418858d3ab2b9371895948a7a1123cdcc321cc792b48c6a85c06e0c070ee32b9eaf914b17b8fe2f9756bc9a158860a35387f23e944cf85f26f17a6ecbfaaf6fdcd35a8917898c88e9374c2a3502d513c634f1bb21b48d64701141f0bb581b92b8dbf5b191c1e199267fc3ae21c7e9997cdba3c6cbc6f457faa0e06189623256fb84c5aebfc478406e34030b0bc35f0dc2d61ce20e5c743ca142d1a1654232340ae992f03177b1cf75082b60e6be1caa5f5287b27daff9a21323665c4f77ef89cdcd7f52b39d21c66fc3ea0ccd0b9109096f2de8b654ff8cab5bb8e8842095ec7ecf5382fe28ed0cd8cf47564477f9f7fbc40b9f905ca40a96a6b82b7cd17abd44125293c8f3b71d95521534d2969ac269fcfba2f92217b5bbfebf6d6be9c65a3c801399e12d527be39df535e65efa41ba0f5d9837b76d4f389ca5bdf0d5d5eb45618b720cb655a3a689cf40a6737207af4400d2046a88ec6a2306d5c230f81c9fb2d9173a3418f7586097d2bd75fb4e9d66526d710a45140f26096616cabf6796d5aa8b6f57aa43339c2c70a3a07bf33a4948efa18f18dddd4cd823839a587371d6969c624a0087a88b4ee4671e83996c3a019dbd969d97fdf888eaa18d5875f72873035545e908012733b405ce87f37a9851657fe5a0246fa8d83250adfe29ca93b25e5e2f034c9825fc8a0b71df4359d5432135466064a5a32e9116ce679e5ac5c1df89a5eb6b9a85f90e7c20587d87611aa7924566b08c4d755940c9f428be55ec9454947772be35a6ccddf6e5ff623509b25fecc533e7609603e8f42ab5ddcca2b3b7a008b7c80d159f4c7edaf735aed1f18bdedc4a2761596368e5fea61f35d13a85bea1a082ffae81e6e5fec54fbc796cccc79e9eb8c76d9fe1a0a19afd2eb269256f3add6bccc01fef766d13ef89143ed868b7d035ad0af86a530f58c695d25f782e1701152a760e2559ad1fa86291b750efaf7098e97c0a3d82b13c7462ec925f9f2fc417c1a7aab28a27d5519bef3fc9499ce3a9e189bc16372583773f46112af7250f5973b3e4f5b0bbc000e775c0bbd36ca48f6ac761cd3ea6e92cebc57498e616d56cd10414503278c6f0e2783e8f8347fe8f01e248866ba9264a06b4cd45b40bd67476594364d2d2fe97eb3da2e8532022ce771e2aed73e363ceb5b707db4cf89e022eb7db7ae2ec2679e96c330f5cab9e5e81389271c63b1e0987419ae543fc729d3d962bfa03a868a21bd7cb5c9d735d9e416c196aad403a4662555b991e42823badfc53fddbe25ba95ac7e92092be7379118ab0f5c461b3747afb20f52e0c5d5a04eeb06bdd5abf9cc768d6ca001b82251cff393f1e754dd1827accec69e707d130bc397f38d14fa3c6cf5d9da5b33feb2127bd7471f2beabfc275e97748dd080d5522d5c922a5fccbf2fe8a042d5035b3296377f4e242c979683d70abb5a1430de4f2e7f51d712242e89830b367e13cef5bca5a2a8a870ef64e6cd84798c4826c2b6e7170d5e24be9c6c33b2e5d87a7e4da8aaf063fb9d914a4a9cd2eba0b947ca012a9cccb63c3912d6ed4d3cb09e4230bfcda9e18047ec3bc9f6d9fbc74624578fb5b2c943c380242fd3df4bf388bf1297d7f5ee2b67bd8faf2c5fd40f3292450e49104faca36f4f15b4475f512ae2d2b0e5482791c0274c0e7e8a284a87808eb1d62fcfbc9761466b87ffd27933beb36857966a837af56d01ee956ca19d81d39de61e3de3c4094bee47948a079fcf3ecf9dda20d3ce7d552ff4ccd8821e0cac401734e284e148bf3b00c74e44c27e8acdbd806ceaf1f59e1fa817b843eb2ed240bc912d6ecd8f294ed4c7b92bf3fdace88cb0318d4c7510c0e9223bfb95d4759f6e2fca7efa0bdfa3af17215d362aaf7fcd1e3c91d56405ad962ad8f432ee32319e5bac24fc85060a056f3e902f230e2bcf6942b5e228ff876fd463111d704645100021a87029647a587920f9574707a016205cef8eca34f27487ea2168fe1955fca9c8ecc352fb31987f80f6dea9b170fbbdf3b37b582756f10140fe545899ad2bc8354d0ba994801edb35c7a809b920229d6aeec61fa3e051cafb44167154df635a3fd22696cd395e8b09c940dfeeed08935f7829275fa78865d70c434dcc92cd79bd7c7c29453e50878b4bfb30975c35dc9695f95b43df302ed3ac9fc76c3b399adb2c86b85d75eaa8333a68072e0b7fda077a404f0af63a3daec1fc23bae668c581803012446d5e8fd67be6b6fc3214e0218829f6323d3b23a5f1dd0c7cdcdc5f499c5d9594ee4ed800db5064846ab0ec7fd9bc9209de14c1ca53c00e723dab204055d911b28292a65277df132cebe8b9a99297d40f31fed10569201afeeeb7247e81ae2b3768a45a6065a0b5a7c4465fa4667e0d9d9804841f393ea8abdb0cc87330ec8d2e15a42db1de40851867560c487c3946728a5919a37becff996ed3ebe12e6fea4e76bf9cbe830328082cd55286a690b545f998339b3b5c85ee37fe584002e7783d13efe8b701ef15fdb1dbf40a7ea4c938c3c878d113cb89e16e8b05982df640c7cbde02a8076b5330c4d2a31e5622f4ba4b0b574ad0bc3ca5142abdbdcb838b3e518ac5454e903bf257c1899850fe8642393a3611f58892f71467f66502d0e93132048a68686f67da395d49493b91fcb53c05061cec0a22a440fbdd5a4d69e5e1dda6cdecbd506cf7ffeeddae8dcaead29ba5cea1e84b55b39a1ab237a49d7678bf491f2f3c93cf99cb0df4b554e6b3d8cd937d4f9253d2e7451ff284a1eb8417a30842144f5d4dd47a454f7d5658eb159ee9073fcf4e86cb286878b4b9a69dc0cb037913fac3f39faf8e30db6ff8a4dcc2feaabe26821d7d04d59d3e49f98ce7de78192979e50ef5e9f4f10bbb5b0fcf2e152fe70c5a89c2287a114215273849569efe40791c84aa030bf6f45f4c9a201896da46be78c033931e117645ecef2d19d714208ab0aa29ada88935e7f3e333c7b761d2899b5ccebfd17e05157a43c492c0c6810d251fef2df0fd8b5f5d14c96261d8360830dca313d33976d0f3ef729fe5384085f3382d241b02589a9c73db1c1b548ee9e00a535fc5705ddf9f0f58302b7c49889f4788c77b3c3b619bd0b4b4e3ee110c4810ac762a569013e97aa127a693599ff7d83d98319fcb4034f5632c64d295d55dd08a809b85a557670b6ea7443b7e1ee27b71b3e2120a4c8eb5cfbf9d09e33314c1e157d30cb1899b2f0c811c5f0f5edc29e1c3647a04bd579624eb639853682190ea02b26822f8498a24735cc70e279172f11835c38e7b5c9ac2a26f42792c79b5f27defec2463499a10dfb4555e4ae681ec08e5a5b707fb32e9c64c72507d0f9ee22705e88c1c5f31f622af6e63c29e980eaab4dbfca9deb2078d0b92d94d97068d7b32892a829f24e0a86409dfa25b60a075b7f28f98c4ae3b7ef62f09fcc1994c57e1d8cedc26dbc566e261a31e25d36214e85dc05b65e24892673c71d11b965befbde03e0c4acd02b93e4b578074224a0abf749122109eb6a62dc37f63c19b1838768ced352515d309fa508fe64254cf785d4913704139a71476e623ca7395168c6619b7a7c3077519decc457703ae8cee4c8860973c73fd9ffe6cf26330c36e01b6e81bf0416f3a2d2e77e8b1b6f60b2f5230be7be35e280d7a9b965dae5c9b5a90ea7c34191c65c61c833c3c1f196580adca5c1d08265d0f89727ce0676486c1a624eeb194e21062df76ec358b0588d71910a4e82b2f600c52977abd4c61c188bbf6f124e22808a68c4b0bf6d14109997226e8761cbf3d7782aac858638ef4bf862e377b88f1c8129217b9baa7eb46f5e116c0c2bf5aa27cc8b5eb3e7bf4933393ed733a9e29750959e94997f10bc34cec493f9c21142f64917553875d17351d4335448512833d9bdf6d48739beec0343bce2789a80132ef5e883a70f195b495e9ba28b37f996ad290bf6fc312fb5d91c8a27b527777bb5808f0d88d87af24b745dd9c4a11de9ba433570be93b6d5ca0a182284fe5a59b9effc44c45814176a6b5f787258652066d49f9ba79d820107e6d9a360beae9db02cfffb650fe0171388d5f54f74c15a87a6f99d1590a4928ea3baae14647b9ce73fa33df0ec675083a3f3c08ed7250a2bcd360be0c303e79f64b49724dbea4ca78e8057885acc4bff986968a32112d9ff2cde0f4afd94f96d9643e3632ad71b71585e394c95989134bdd6d3320f3b67d52eb2b7789d7899e480f909752eca6b7809b3236e19d7f86f6d616ccdfc102bc936e7118afe7fe8ced10d2ce08344d0134cae96a0a0ce845a10c09aa4e656e67145101a75f4454aa9cf2a9168d95c82cd10e02918a596eea1a7207afc6207a31f9a35f704cb0d1b9e42bd7fface8c785c867b3bacc8554a6d22d8eb74e64b8ae95ef8faa8e9a51bad4f0c868c95e2d667c546dc32d0fefac76972442f9125f02bace1577b9fe8af0bdc1eef7916b4ab5a7e662fc011d794bdfd3569a23b581e6fdebe2e49504d2a55a6afdb7ec4c9b5d1d576abe6d68cc980ae1c77e8c6a236ae7fb2442979f11446dc4e2b393596e3d29654ac15b135f113dfe53f0ca15bed3978b711820cee1602d5c82555f4f53c2cfe965e8c4ea99115a3f01b4797af54c43cca7290822a718f81dbe8de89ffe7a3e3e36c97b3ddbbd131b474d56f9fd5f944b83a311f553dd27b8cccc6aa907ea2fc93c402353d7883d8a66e4b5b70ad285bb589983961dbad764b2a4d1da50dfc36ff7e6ce63e6effd19705c112f26636436af2756bb4588e1a15518605096a80d1e29009c244fe6a38f197be863c9fff73cc330d6296c8075191377ba71cdb70baaa7a3ff692342369a5d38086f06eee8fff14b386f791aed61fca680c95020e5c1382866d67b795a52f2233d3f5208a61711e4978d794a05a517d3687646263ae7b2754099104ad2cc18da00a801e8adc336a3cca53c4a4de8e09a3883e431ceca6b7fdf96d61c9f69656fc8aff10f9630a872190264905ca3b14f731e456d3449442cd6cce2a09e8fa8f19e163ef1471f32e5a2cbd4b52252517afbc8b112e577e04cfc9b099ebb94ebecbf20265ad55b41c517acf22098ce22b8d15b6f8a6db8f23a37021c1490ee309165d396e44d3487a6ceccf0d300cfe879915f305b2d4da1ba333e01e795eb4ca47dceb7abf90fc68944f0ceecd94ca5a711b0909a0ef9ce4e89441487f37dc8d99835a2c75b6a1bf353d123076e0d9a0a21d0f4ce559cbabed18c164c487c184b0a3977e60f756cc7c3b7904f6922babc826aa6ce5d14db3ff3863aefe22ae811e5c87800f54f5e6c74cb8ace0cc1c3aa464b5ea8cf0fbf38c046f01b1ea483044fba69e11db1ae0083b13b", 0x1000}, {&(0x7f0000002900)="2052bb630d0e6700ef15dbe59a6f7124223eb997882d69598bdccce8114f6481433b4a0d54685691e08ef802dc12b476421b8fb99c489e5690011bdefb36fb3dea4a3c12e2f6433b4405b0b1bd4c5f99839c33c6a8b35715e2fa5cde1b15314f7b1930644ed52283fd02e4aa8a04ef471d3f738ebfc5a7b0f1b2af861b289f62b7b64d85b8e775354fe9dd1c780c763f315b5f1b831556679351e5a7", 0x9c}, {&(0x7f00000029c0)="a52199b4e81465365351ea5739c12021de6aac394833590505c310791714f8ed9d94799ba1e18504397508eb129e33de839ea21f4b699d0b2144b1696007af09f5a1a283b37f83ab9cf35ed5970ec0686af9cc1a4c3947a8c05af7a83960de7d1a4a03cda0da4ea355d915d7fe2a968479c05d910e6cb42679e586a25430a01489f78ab400bdc3141ccecc75dc32e41c7d5b44e44cf6012b8c34ad33354d29fa94107b9f74eb6a1209d57098f2fa9a9f60adb2fa2d227926ecad5d0715411af011e8f6ba7934dcfc9b42b8c73f7fb9a5da401a2f6e5595f45468a0cdb85fad5741c2190724a0a43c87fded", 0xeb}, {&(0x7f0000002ac0)="d7bd8b4f77d673df8e43b6fb6795cf3c10da99f802b7cea6f0ce48a1ca5401bb8fda1c3686", 0x25}, {&(0x7f0000002b00)="619abef91fb6480dc1ef0957fb0b6aa360a7a6bff74e7bfea9e439411247534dda94cac2b9f8bafe7880842aaf53afe67897d970cef57ee8fa2cd2cf39d7257adbeec690472ff89e7ccd03741b9d0f1b8fe3627f2c83be86a85a9666553d4587e9c30f1c9dcc674e94b93e3542c837ddc9c801b9d90cdc4412cafc9add522d00b31373884298ffaa3fa5e027a18f43f5c510eac4f5f324516bce7d9960350855081bc1095921d4238237c0b26816073c8a7a15018942a284b23f124fa28d43a69e3588770ea0d88ee43be816", 0xcc}, {&(0x7f0000002c00)="d7ab27d5e361a3aaca13239a5d51d2a46c3ffacd8918cc49ef2014a8d58b8ab96923c987bcab18531b9baa5d352cc95f81fd05b043fea96f17eddf563566ebbb1feee497c0ddca414dfc090d49ca8acb2f4a1198596f7e6aa49e0b9cef8e97003bc210e3b49fd671c675b8b1df8acbd6c53cdf2a2b5575f46ad49f4e6b8322eb8bb12e40", 0x84}], 0x9, &(0x7f0000003080)=[@rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, r1]}}, @cred={{0x1c, 0x1, 0x2, {r8}}}, @cred={{0x1c, 0x1, 0x2, {r4}}}, @rights={{0x2c, 0x1, 0x1, [r2, r3, 0xffffffffffffffff, r2, r2, r0, r1]}}, @cred={{0x1c, 0x1, 0x2, {r4}}}, @rights={{0x14, 0x1, 0x1, [r7]}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, r0, r0, 0xffffffffffffffff, r2, 0xffffffffffffffff]}}], 0xf0, 0x4010}}, {{&(0x7f0000003180)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f00000033c0), 0x0, &(0x7f00000036c0)=[@cred={{0x1c, 0x1, 0x2, {r8}}}, @cred={{0x1c, 0x1, 0x2, {r8}}}, @cred={{0x1c, 0x1, 0x2, {r8, 0xee00}}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0xee00}}}, @cred={{0x1c, 0x1, 0x2, {r8}}}, @rights={{0x30, 0x1, 0x1, [r2, 0xffffffffffffffff, r9, r0, r0, r0, r2, r1]}}], 0xd0, 0x4000}}], 0x6, 0x20046801) preadv(r9, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) sysfs$1(0x1, &(0x7f0000000100)='/dev/hwrng\x00') socket(0x25, 0x5, 0x0) sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x5c}}, 0x0) 3.722874241s ago: executing program 2 (id=1270): unshare(0x4020400) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) preadv(r0, &(0x7f0000000540)=[{&(0x7f0000002700)=""/102386, 0x18ff2}], 0x1, 0x4, 0x0) fcntl$getown(0xffffffffffffffff, 0x9) sendto$packet(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe) r1 = userfaultfd(0x1) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f00000000c0)) io_uring_register$IORING_REGISTER_BUFFERS(0xffffffffffffffff, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={0x0, 0x14}}, 0x0) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) pread64(0xffffffffffffffff, 0x0, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000a00), r2) ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f00000001c0)={'netdevsim0\x00', &(0x7f0000000400)=@ethtool_eeprom={0x43, 0x0, 0x9}}) ioctl$UFFDIO_COPY(r1, 0xc028aa05, &(0x7f0000000080)={&(0x7f0000c15000/0x1000)=nil, &(0x7f0000508000/0x4000)=nil, 0x1000}) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x15) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f0000000200)={'syztnl2\x00', &(0x7f0000000300)={'syztnl2\x00', 0x0, 0x2f, 0x0, 0x9, 0xa, 0x0, @mcast2, @ipv4={'\x00', '\xff\xff', @broadcast}, 0x0, 0x7800, 0x6, 0x400}}) sendto$packet(r0, 0x0, 0x0, 0x400c, 0x0, 0x0) syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="02c83035003100010001060200"], 0x3a) r3 = getpid() r4 = syz_pidfd_open(r3, 0x0) waitid$P_PIDFD(0x3, r4, 0x0, 0x8, 0x0) openat$cuse(0xffffffffffffff9c, 0x0, 0x2, 0x0) 3.010070319s ago: executing program 4 (id=1271): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x0, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) preadv(0xffffffffffffffff, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000240), &(0x7f0000000280)=0x5) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f00000008c0), &(0x7f0000000900)=0xc) getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, 0x0, &(0x7f0000000a40)) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010600000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff1b000000020000000900010073797a30000001000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)={{0x14}, [@NFT_MSG_NEWSET={0x3c, 0x12, 0xa, 0x201, 0x0, 0x0, {0x2}, [@NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_KEY_TYPE={0x8}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0xa}]}], {0x14}}, 0x64}}, 0x0) setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f00000000c0)=0x1, 0x4) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce) r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) r4 = getpid() mmap(&(0x7f00002db000/0x2000)=nil, 0x2000, 0x0, 0x4108811, r3, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x4, &(0x7f00000002c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='mm_page_free\x00'}, 0x10) r5 = syz_io_uring_setup(0x4b6, 0x0, &(0x7f0000ff0000), &(0x7f0000000000)) io_uring_register$IORING_REGISTER_BUFFERS(r5, 0x0, &(0x7f0000000040)=[{0x0}, {0x0}], 0x2) sched_setattr(r4, 0x0, 0x0) mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2) r6 = socket$inet6_udp(0xa, 0x2, 0x0) bind$inet6(r6, 0x0, 0x0) socket$pppl2tp(0x18, 0x1, 0x1) syz_emit_ethernet(0x1046, &(0x7f0000000880)=ANY=[@ANYBLOB="0180c2000000ece64fbcee5586dd6902934c10102101fe880000000000000000000000000001fc0000000000000000000000000000014e214e2404f19078c813905606000000a6b61e701ea79c71f39077f4e95bf69cc584aba4ecf7fd9ed5ace20c43010a88b8c32e2cb677387be0e560841fb5809ce6a349301188fd16f10eebcb2080253540a192b1d62243a3269af5cfe35fec9a0a5119aae1e9fb95e02edb0d193830cea9d381ee15a4fdc287fe31dd6592bb9f9d6a6e01d61dc229c29c9f9a8d0cb1f304a1f3a6de81830656c63a9c5d361bed71ca62772be89cf8c5b8f1cd668d5de3ee82cf8ff114a66ed96e9808c24ca0a52ebb11f297c61bf20449c8b347d678dbd182c9f59e71caf8642dbdbbe1928021cbecfb53502ede156b6dcf48ec1f8cf6d1030be6b462cfb1af97f702f68c40b746162066396af4d0825c07e3471ea211fd26843c46c4531d3503de333fa17b65e78315030f076921fefe09b947406b8349ef4989ab83612f291ab3aec97925d3c722a2953b77aa38c25539371e77bd4f68f18c382543b9a7389370c2f7560c478c0288d4951627e25f20f5ff8047de88fe3ebed5822ea43192243ddc44454da43f9596da8ddbbc7d26146e7b9b7e3d555da97c9a537f61ebd4fa379d96989a4acb1e134b1e38ad112faad2b377fc45795b89a32e8e15199f4de9a6add43a8b84257da5ed807400b1d3e29d4df83224c4fba74d75d19f54c158dad2b1c31614c0331565c657ae018171c672bcb5351de79c3ffaca117070c6fe4d8b021c349717289f1ab19133cd0a4f6ffde71b77e6d9ea496a69f54ff4d3f3a0bfe99952dcd76b2f76e85d6c61ac20c95028eb4070fbdfd47b19df5f2eba2b3d01eaddc19e6ce07150084262c8c261c1ac83d0ee9d9e20b27f323ee2f1fcff18e4e8eda7a96e62f84788b5a46991b69a58a7ab1792b2fdab73a77c31881b73d714de5b76e4a30daae3aacd7fcd79de753081de4fcd06686dc14c51c5579c6387988d301b1a23f9a6da8d22509553fac0c6581ebbcedaec5dcfe96d61dbd4ab2579b61363974fcb753485188aaaf9ce28f7c0e605093457a76cba917d3688af05c003e0b3d2c12e69a8249393c8165df77560be750a186227bb4347dab55847ac63d0f3d1238fb2feb625b2ae69357eef1af19079188699f82e0bc637a1a678e777c034bb1c1595fc3c012f1141f91cbc5406bf112dad5a3424145a2864c6d9de8531ba6c623be7da27cc48bd759a27fa86ed0a69b87070eb58056a1214785959c3a30f10a6e4b44019b99c32b3745907fb2b068fb8a795e7358e4c09c29e9494ce9748267d7a3613ae83afe552861a7d905c1ec7f92d9356338e2e2eaff6949123f9fa032294290a03fdc4fcfd19f29dbeb604ee6b831586dfffd1dcf8cee76a82beae2a035add7532640095443bf5a025fafef1ec958e894bb6b3bcbb3c1e0b053c0534aa49c9ed81f9964dfb5d9c1d805c811d092f6aaa04fba3f57e9d1195950bf958c0d5377673da7bf5ebe4031a60dacc394a7e19552d443acb4db61f259def2b1bfe3e033fe5af7fc6e97589163570f2588018bce2720da183d29ad3ef6e171dd3d261c2bffa7bc35ca9d68d4c9a3a67d853ff7ae1a5383db88474e7b2fda322a280e10f8a9de938381d64e75741df1bf6ea902d1fa90f099106a71418f0957ee26724d60bd092fbaeb5e267e5bdbad8b9215c4eb22d8ee2de9f7dc31b676d1ebd34da9fe35f75f1f7f010b84114f4e797a14347a83d41dfb6f8fd32d785ac5eae5dce7b5d0e95a43a6dae683f122dd540dd0005511cae9588b0b812097f8070e295f93f71341836803699b24e8de38bd33a12b78b3ad3beedea5ee434abb1789c4102d64538274c3849795dd7edb4c7c733ac330660e03b57ca970a7cd0733e638815f44edb46cee4c51bdf16e684f5354f55e66ffa762cb64e987a4a1a1624c51aae82650706a0699a3092484f2c8c27ec34897d02425678b4f183f01c8e0b8b6805fd310757e7a6ed036302a48e1c3a291ad93e966421dadf954c5f17759b380b7f8d6a21d8204b8b2263681fafa6ac8fc158fa202abb5f748fc0ec1678263af50837757e754b5778c7784a0872d7d72da4c5f7e9ca8806704a697ce524058d7c56836062d974932a51042e038c3c1755f2b5b1ec5b9e66d9024237d65b5452ba1314b4d4cc93e80fca36a3669e476a10285073006346e577ca2bd64787e6ae67641dba88fed0bc07ddfba2eab09fe31f5789b5440903440730e3e0969bdfcb221122656b60768092bf382f76ce642af9179f3f048e028a21e327e552ecb9a07f1943676990c42713eab6faa69b342df485598661aafb1f07abc5275449854dfd23aafd587e37425db70be3cbe8c7560a825b2b754123345d0c2801f2d0a91a782d59beed152a0a4f68ac82cf0ace1b50c8620077c25cf3e55e12d2803d83790e52815376e487643602db5b277e517a3970eadcaebb2dd0cb607a76ed2b1458b83d2f63e12102a56a57a2ab5b001af01ea9752d706b6b7a3a3e6af5c3816ea33b2cfe8644e709544941e700f2af1475af09c64243b7aa3366d3e69d11855b7b44af0cafe9f25a37f5300c40cb2f1f88f1af0c5afb67b4c8ba3ab4814f495efdb19bb5974ae94471f2706ff50d6bdcbccb28623f1401e82739a4c9b7b0e7b1f9243988d4583b0f3823d432b4c8debff4b236a47d3b277eaf86f71f61ab1e387630cbca91aeade344986583b3dc1c11b9f9302a0ade93d602d96734dc56094c506cfed036714426e9503c230f86e805f9705e9d533519cc79a3c9b3c698f3cfe8c9d32d6907182cf72377a762ff0d6570ad97d08495cd5d3b55b9f3f8ea3209ba7f37a1f13495621ad32f621e0409653d72917bc5c702fce23bb6b7b920f739266fac13970690b6f69d9ea689a56a2dfe6593271fb1ff477de30a2efe7918e9097ee67e44b78e0f22fadf1def10e85c89200aa7f57971f8cb815facf164d0bd9bde750f6f3470fbde19bf68b70d8b60b4f0674ca1f2e8501e7435a7465062be97d0e0dd370ba7e9f7f26f482f55f852c12274ac89379f2087034eaa7a3caf8d2758cff02c7c0be4858c819a0a124b0257cdb9800f9bb1f2ea757c451a4fbbe733ca1b96956a541469c11297abaabb3445670b3ed5c474ce48cd782176fb3f888413b4c606e3f941df645ac45962cc21c46e22598e14033833a3e99ffcab855a629358952802cd0fbaf3619cbee1b188133dda63163358cabf27fc3155eeae24de6acb5068dbf20d4b4be83986c4ee128aeed1ad8b5963849c54af7026c728e33b50e7e79d0338637d7fbf66557dca92237969c22c00e45edb8274550a1a244015c6506d88177c176323230a08f27fc0dc4554a380da9fea351d83b42c397c2e9be1eeed9088fb3d995f5b3699f565d86da0962220eeb5da50cad80d59b5b17497712e23957b92d616b70f8e75a95b377fd6642aec9430d49ec04002e9537048b3f38251cbf8df23e55ae47253852b78b35c2d5aaa96537b4e0e8ac948935cb5587ef0df9611d4acf21cff2cea55bb333bbbb732022d62a8c7d783bc6f789a42518f38b4073cf747d198279d7b19bc3e5393bd6273bcd9cfe922273ef3c82d02f4120e10d55b59411afc4b0bb73df4a8953d081e8582a76bb115feaed17a94d7dc5d1b3bb4a3855aa813fc1270332c9891d3206b7d6a6074b93772b850878685125a1a5bf6c163ff320be5935a147f62b2a74115358b135e5319dadd2bff2ca5308859eba910919588d4c30d5997667a942f080e9e90cf7921a48e5aafb2df6e56531edbdaaffdd8d52fe8c71d41113a95a218249d07745d58756401f34667f716f5e6d45e5c8f0fed5d28f81075b325381a402344b448fe971b022ac3b543c248943a646652804b6dbd56ba1f40e51dd7cc2a791736315caf41c6796899e2e38b0babe4ae0e11e73449728ecebb7af2100b10484fb92ee2bc4ddd41ec3600f0096f2a53cdc7d04291fbbad3e8aefc72690050e3d54929a20e921dc107f7c679bb49030e027fc387d00bd957119e9b5846ffb7a94fb7dcb9fd92b2f9bdf58e8f2ce968496e4b7a1b671bd43199020f9ac2ecbd318e4e8c22272e3c3b8209395ecd7ef7aaf027985fa93b5361a21a12b6930236e4450d942dea3845ead4827aa2cb7b16a612d7f34df9e00ae3d77a4502e7c0164bdcbf0ed95a4a85f2e142812600e50fa03b191ed7807c806df37307433c6b9866affd47c52c711155318ca34e072708d1ac40f1e25df3529b20288db063dfb75a521b2dd11545cbaf6fd0b57d8f06f0c0f5a90d4713bfcf3c23c4d161b9f0359878dfe2b0a8754c5ce13f032de6925ddb412fdd143da1c031c617aeb44c36cad4ea20421e501bc50266456355f059dfe7f4aaf51cbe0ebf0816c32a0134727b063c64278b5e53c749cface0ede87fb3bfe547ffad52252f2d127a33e222ea4cdb05471a633e8f59c7f9c60404acd0fe928ce890a61e7239f47976b1ce9bd59c7d2d98924974a8ea24db36f2ee13af3dea88cb673d41e64ab51e011b0c75ece69311734bad856c985b6b5e00575d021b0c0c3fbf40e440dde00661a434cd42fb452b4f7871f15a5aab6d1f1937cc955742774092cf99f07f6bec9807387d0f36a7617cba1287ec4d014eff96e40481bb910950f30201fd0de8f0800b4a1fa7"], 0x0) ioperm(0x0, 0x1, 0x8) 2.979857716s ago: executing program 3 (id=1272): r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000002200)={'wlan1\x00', 0x0}) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000680), 0xffffffffffffffff) sendmsg$NL80211_CMD_TRIGGER_SCAN(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000d80)=ANY=[@ANYBLOB='(\x00\x00', @ANYRES16=r3, @ANYBLOB="010029bd7000000000002100000008000300", @ANYRES32=r1, @ANYBLOB="04007d"], 0x28}}, 0x0) 2.840303774s ago: executing program 3 (id=1274): r0 = socket(0x8, 0x1, 0xfffffffe) setsockopt$SO_RDS_TRANSPORT(r0, 0x114, 0x8, &(0x7f00000008c0), 0x4) bind$inet6(r0, &(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c) 2.773466698s ago: executing program 3 (id=1275): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x275a, 0x0) setsockopt$netlink_NETLINK_BROADCAST_ERROR(0xffffffffffffffff, 0x10e, 0x4, &(0x7f0000000180), 0x4) syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$team(&(0x7f0000000040), 0xffffffffffffffff) r4 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000000)={'team_slave_0\x00', 0x0}) ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000000080)={'team0\x00', 0x0}) set_mempolicy(0x2, &(0x7f0000000040)=0x471, 0x6) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0) shmget$private(0x0, 0x7000, 0x800, &(0x7f000021c000/0x7000)=nil) sendmsg$TEAM_CMD_OPTIONS_SET(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000c00)=ANY=[@ANYBLOB="38040000", @ANYRES16=r3, @ANYBLOB="0908000000000000000001000000", @ANYBLOB="0400028008000100", @ANYRES32=r6, @ANYBLOB="8c0102803c00010024000100757365725f6c696e6b757000000000000000000000000000000000000000000005000300060000000400040008000600", @ANYRES32=r5], 0x438}}, 0x0) ioctl$EXT4_IOC_MIGRATE(r0, 0x6609) mmap(&(0x7f0000002000/0x2000)=nil, 0x2000, 0x0, 0x12012, r0, 0x0) 2.186213122s ago: executing program 3 (id=1276): r0 = syz_usb_connect$printer(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000000030020f003176c400000000001090224725100000000090400001207010300090501020000000000090582020002"], 0x0) syz_usb_disconnect(r0) r1 = socket$netlink(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(r1, 0x10e, 0xc, &(0x7f0000000640)=0x4, 0x4) r2 = socket$pppl2tp(0x18, 0x1, 0x1) syz_emit_ethernet(0x0, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0xfffffffffffffd25) r3 = syz_clone(0x1000, &(0x7f00000001c0)="7d5ec9f3154cfa8d34e537bf401eb4a7f747e0df0bfc9469747c16db77dae3ad557bd00a2f13bdb1c65ec58e6c6a026a8061b4dfa98193ea05fc41e2dc0e76bcd242c7620ecc", 0x46, &(0x7f0000000280), &(0x7f0000000300), &(0x7f0000000340)="802767404672bfe187fcdc164f09bd93e91e801576c5e6be14481f3e2540fea9a8d2ffba7d707a02bf89c5c6f822eb43708b4d1109c355d40ec7467b17") prctl$PR_SCHED_CORE(0x3e, 0x1, r3, 0x1, 0x0) sched_setaffinity(r3, 0x8, &(0x7f0000000040)=0x3) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) r4 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) preadv(r4, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) sendmsg$SOCK_DIAG_BY_FAMILY(0xffffffffffffffff, 0x0, 0x0) setsockopt$SO_J1939_SEND_PRIO(0xffffffffffffffff, 0x6b, 0x3, 0x0, 0x0) r5 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000400)={0x48, 0x2, 0x6, 0x101, 0x0, 0x0, {0x0, 0x0, 0x2}, [@IPSET_ATTR_FAMILY={0x5}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_HASHSIZE={0x8}]}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_PORT={0x6, 0x4, 0x1, 0x0, 0x4e21}]}, @IPSET_ATTR_REVISION={0x5}]}, 0x48}, 0x1, 0x0, 0x0, 0x854}, 0x0) r6 = syz_open_dev$admmidi(&(0x7f0000000140), 0x20, 0x0) read$midi(r6, 0x0, 0x49) lseek(r4, 0x3, 0x4) ioctl$SNDCTL_SEQ_PANIC(0xffffffffffffffff, 0x5100) ioctl$SIOCSIFMTU(r2, 0x8922, &(0x7f0000000080)={'batadv_slave_0\x00', 0x3ff}) ioctl$SNDRV_RAWMIDI_IOCTL_STATUS32(r6, 0xc0245720, &(0x7f0000000180)={0x1}) sendmsg$nl_route(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[@ANYBLOB="1c0000001a0001000000000000000000802000000000b9"], 0x1c}}, 0x0) r7 = syz_usb_connect(0x0, 0x4a, &(0x7f00000000c0)=ANY=[], 0x0) syz_usb_control_io(0xffffffffffffffff, 0x0, &(0x7f0000000dc0)={0x84, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000ac0)={0x20, 0x0, 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r8 = syz_open_dev$char_usb(0xc, 0xb4, 0x0) preadv(r8, &(0x7f0000000580)=[{&(0x7f0000000100)=""/31, 0x1f}, {0x0}], 0x2, 0x0, 0x0) syz_usb_ep_write$ath9k_ep1(r7, 0x82, 0x88, &(0x7f0000000040)=ANY=[]) 2.068333704s ago: executing program 2 (id=1277): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) syz_usb_connect$hid(0x0, 0x3f, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000000000406a05014000000000000109022d"], 0x0) r5 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) pwritev(r5, &(0x7f0000000180)=[{&(0x7f0000000280)="0128448e", 0x4}, {0x0}], 0x2, 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000040)={@multicast2, @local, @local}, 0xc) r6 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r6, &(0x7f0000fd7000/0x18000)=nil, &(0x7f0000000340)=[@text16={0x10, &(0x7f0000000380)="0fc733260f326766c7442400fe2700006766c7442402060000006766c744240600000000670f011424f2d81ef52eb891008ee0ba4300ecf466b95703000066b80600000066ba000000000f30c0370026670f22a6", 0x54}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_SET_NESTED_STATE(r6, 0x4080aebf, &(0x7f0000003680)={{0x0, 0x0, 0x80}, "cb31455c9ea4288a70a2a6bb8068fd95dd041cf5b177a3bffe992dfbbdf959487337b92336ce1de32e7695c411c0bf9f852d2d71192f33001fd51f5b396a55cb98699a09d21648c4cb30d9d7e3e397c7a3c041c76c72385a46c48c5302848c3696facce956952c2a85822ddf20434ccee5806294ed563ff3a972cddf6ef16ddace933d8a5adea40cd3ad40c9873c29368838e815ff59723519154856b2d5cd9cd79a97dc2fa08dada1175817886e5f9e7aa3dca783a44c667a4806826570ec6acb57d65efc313a384e11fb633dee17ee600145f2cb3103384606140021be766fcb7fa029f0513bbb466177ca1068192550bbf4e6f5694aec747a16e27688a988fa595bca1761b8e88a7dbcaeaf97a8b7b53058b1faf880dd6f1b6eb4c7beb0582b4007f1a67db1352407adbe1456bf762c94fd825b9419d74f63cdeb6c6976de1890d773f0c8088d2bd48a838cf5b87f5ddf926352960fb978874b0f175acfa55ddfe84de3fc9f75b58bf7a35f33d3c43ed5e3224e92751fa1b43f94f64b681163ef1360a3f3bb7403afc67a188b2104b45c5814aaa9e218552498bf85f4b221d9acc32a331f5f8c109cc9f335ff4e418ab30b54b99d5376cd928c431fc8211fcbaf64716afdc4b6d0417e04d5723e4675d282b36bef3a3a19e855029ec7c33830a6df19332b63e9d8a0f22d96ac230c67657a4e7f7afab91dc0ce751b68980e5a4f6d9d6d9b98802ba9d8576640eea61b8c308a1745df61560e56108bececa3016d93246fdc8b768634e8319b1ffde103c07378f8f4927baba05e992a4b5af0958a7e495e7ce53f7917451d15a963ca14f5cdc4563775688b6533a4b97e0f84b0a33c30077b20805c1f42cc7815efada97ad59ac486bc9e0ee386b49cb97b47fbf8f919f06c75a49636795054b5ebee3e91602c90d7f4db49220affe56d56b96e4f662b2bf36dae482ffc7ba21cbc55e21b73309d6b7aa5509defcb77c236e43b579c61eae5c8d8f8fa71ad876b96069f2e4352c8aaf16e299d21edf5434c0cd9b25cdc9210fb0de759b1dd3fc7fe4c7118bbde72a5617dff21f7a5036448fba7fe41aaee0c289cd076d757e47b0713b236f6f141ba0112c9312b3ec853aabafdf1eb2cbb517d2d7352725f557214d27d9a340af0128fc960a4ea64c933b0d8dd226b6e024471aaac8a7074b2a8695ab990fabba5bf315d246fbfe4260f1fffe54814e33b6235c5b4095437298858909bcbd40a8a286d1bedb06b7b1775bce0a5bca19b0a5c2fa8dbf87b55ae0a43c5086422e5bacb94047e150451f5996420b0d4a697f59decb49900b2b9c13aade536933e14d672c21a35cb68572c3de02f3147414eff4b8674b91f7aebf35f056a8d388f67f8ef7cfaf6b28fe745831ef41def1839791647016932c70685752851327f1837d2f1e9d8f93443eefed2317119c8152ca451a5d3aeb253fb484283f52e5db9f61f059ad3c217a860ee0571d254483501b00699208c7fa5571cf58b9715c954115bc2db0af28361938bb95ced7370c8cbb6141ef62fdbf369dfc4eccd98ab9886d79a52cbf91a27dd0f4b29940492e860fb94654dea54fad6290570760e3b59a0cf28053732472dc313b5fedfc583fc702a880971dc61286370aaf167810455cce7654dc4325a41d9d1944abcdc4d81378f1e96a8f94cd95b886a01f086e379601504219d57d531ba34e1ba0905785fb629c61f6b940a652cdee9dbef12b7fcde087b92816db3386a5769049ba00788e31de4ddbb8b56de1fbe3a5e671728effda7cfd0b650cf5df2faf22470812efbbb548e47cbf36c64e05a7877820f08948ceedb35e12a4a143ee0101a7bf0a00a4062b50c39020669700adf739a6f75352a45fd1373d3e85c3867170373f0c7a794d8590f4c22ae62d438ec365b0f6a15cb2ffe0fc6f57185e1760761bd4370027c01dfad0502f00b6898115df3c530d0b0b4a64e623fd580b528a733e4c881cf5843a975a97f92a7833527887c79fa8eec82b9526a15c6c5f2972083ce8aec735810580ffa4ea2cef4823aee044dd70927f7c07bba18b930006aa86ae7399ac6b4c24bc9d6a6ab0c5b428d7255d4d983eadf97e10c1b00867da29ac981acb453073a37236e7ae808e7759b2e0cffc3ec43afb1e95cd090a7d4b9225a0e3cbebfe49b93846ab603891e2da7d85a04bf42d12d16a97c965bc4911d3ba7a9ca505794d8744fef00a436089de67aa8b480070230dfb002eb91edaff428d4908a87afae418dff7ca59aefe1ad8f6935f309fe7985c2310881659c60a66a5e50242497ba1cd5d2bd79496ccd23f9fd901afc6622829cb3701caa50f96e09e3b23bfa3181b74ec7dae2e42c9caab43e49ae1d922a1a1eb3682de026323d9215fcec42c54401a1af81450830a4b784ed1c7922734bf3632409147680dd3fabcef296353705bb5c0e650e12905a05db1e7923923a96ddc783fc1ed46e2010416c37d9d149ad73e808bd6e4464f62893024a8501803b6c88fc55c8bbc1da7cbf580b5a81fb7c61455ae3a8aaec303fba12e0f2b51ed5e8bd31db40e8bdbd00e7b1ddd364766c974d813d86fc88a27bf82bba60c62e5f0f6af6bda3390f8e72a2811baf3d6325e70d9a3b59cab1abe95290ecb87985567e1243504c038de9d4d100ea64eec45208cd8d2474e646f7d81eed6d59b8b0859552b6fc088d874cde3e75ee30243dc9d88ed5b577851a5bd9e2a453287025777fcac19ac33e1c94b4ad272f1055b16b842a6bd6168fb45f1f74ed2467020df5431068a5f2cbeaa6ac1841308c7c9f752aa06927f91fdf18ef9d9e942367e5ecac0abf4d3b8fc7b80238c0e7faf2ea7d3f5271028fc558a44799bde63168becc67c5531e843336fb16ab618d37f95a91937b824bf896b044146bc3a5e264a8f23ddd00729cd9aa56d9a9a24b7ab96ae021b193d8874d43ff4b723d86b7564e550378599c3e0c7a2b3d447ad76eb4cd699733d970a5ab218429a1af81df9c8013d6d16a6bcb019f6ace4461cdaa785d20ea027cfa53d521bb91ad2c04aaa6c0f268b14924803977633280c7b7beb14c88fae542b7a13e96253259e7296e37276da88891c14664340e84ae732edbd71e67047e476735b220ca231de31a380ece372db632ec3cb3ef5ac97ec41148febd2acb15cde1ee5e990ea0aaa95c2df39e2111dd1185d14a194e22d34fda8f54e99d3a73e5a231682c726d40816e048c1d059bf3bb9ee2b5f895365d95aa28f6adbf6e16469926b4d8ee7f04c7dbafaa444df5b88596c17874f0efe35e5ada1a69634f4b430f852d33b032f823c5deb54f47a7a4adb1adf56d5440b7a917580004c13e0b36c8e0a203a2be3f8fffd9efef3af19389a12c67859d4381ac0a02da18e25931b41216b731de25e1245482c84d45de1cddbce2109322a3428bff692012573fe9efd02109dbf35c5d3a287dec105cf3f1a2e5f0b1cc08c7b4759766d25d0f7b42c3ea8bf8101e61159a2ba7602e9c7947cf936ac39bf59b24084709fd61d704bbdba7d282aac778b7ec1dcaf984527c8112d56e75ab774d1598d9816abc77b0e693880beca5f330c626774ab5cb6967fb0ea8e14efce120947092c3b6f8a22f07cad22e971418092481fcad36ecf0cfd6bc3864115b8507c13554584f1f6fee5ee07eb6a091638d8e7781c1c006166e0f987f9f4de535e9f3df1db8c9328e9a19a73c76059ab4edfe9eda7f16cc6b869229bafb179d194e20ccc6f9338183b673de8138ddab9a0907278f6eaacc55bf59a450ebc10e0b88c82d9f0deca86ff771f46509250fde94e0c94256b77616d099862ddc9b341838d634a9dc4b55a88fcc6248901135f6aa76365433e7e534e0e5ae8eec2a63df62c3e244a40481189ff54122698c7e2da2c829b2eec9efc9894ee05be04ae6dd48406eaace17827e38bf38b414059aded0343e0711a8d864ff41a8d9ed40fb2aa1a3f4014f691cd0e8af62445a021820ff03afa8a192ee255862f306851df1de96ce36cafb6a60b7069db7aa96fd1ffb2fb01e6247f770304dffe4b1c8d0eeb336dd6806d6ab5d418953b1cae7cbbf53766b61e4aad5cfce8255b78af26f9bd11283a9c7d12cd63b82cd2b506fd4061d1e16fc7c713d80763c3b0aa0faadcd9b7d676101aad80e1ca00369297e1f714003ab8d0b545c335014a522a25a767950963ef821425b79b521076166d0df3ef358c7d60d99cc85463c186e8faf16af79785680382e4cc93f6594f8c4461e0988c08717640df24a5f357db22432fcae21702dc792d201212fb3791e0164bb3d433a8268ec96df73766fdba42965e00e619246cba5d96eb853a7c22c34d2fe5e5d3f3ccf9c627d069517b743cd07f6f7b444074bb9a50269f2e03309c58930e56a9583eb00c37fbcdd391972261f41756c10c8899fcd036e2017e088ef9e6ec31f795d55b3bba214c53c98fc9318e4ade0e7e6fd259aa277fed54c27e5210787a5f6937f56fdbe1da5113f059061ca590ddf536a55cb91ac6ed41cb9c0418b115b29f5e823c1b0ee7c2b3982087763545b34e2c945d587ebce69bbe299a7f52b674f351977370fc700474bc15d7e6ef98c14258ecf401a4f3bba1a9aa76c5ab0b8819fe6efe3fba1899909e5e48554299150ee272451b56142d12ae2bb4942db430239701d494917f2c939a6fb9d98d4751a6f2c4537ec870342d223343a9bd7b8d8c99aff8cbfa298395551185f35dec120228073a1e496a58b59d9ac5986249a7c6db9398395cbf341c08ee910700e2daa042dba1846fef59c72ce872bba2046a14fcf9a47a5686d62bfba76309a9865c26e5fa41dd872fc749fdc57953105ace4978f9eb788c8d061c853ad0313e51e732c5d7bc05e752443c8e99b8e81c688befdb5b14c3cc2f96eb8ce8290303e483992fcbece1ff278d0dc036ad437b6cbc695c7741ba4556e242146d40843c73deaf8fceba40e4a4acd739b3031848b17a210a1ff0dc1908b77c4bb94543af52e1fe2a090c8f217428d02336303f7952c3ddefa7c81850676e7f4cc3d32c3937281fa5ab279c3fe39f92ba077dadb8c2c3df17cc511bd33c41cb161d24aea154f0f5902c94b56fe072d321a983668bd9f4838878e66ec44cb233d7d0ca908a794c844ff8b3ba4c57f6c5fc2f3a54db448b013f0c4998bbc6ed0409b3368391cb28c6df4a909fff90f308ff38c758ff7d8a2920bc221236d89b3b76de44e8ce649b32f5135a0217ba9036a8edddee97d7ba15f2c21fb7d3cae3eb6ef09dd03eed650489c83b5ba5dd9daf7a86cf0544fb8a58e46b860e3e42e10cd6f1c4f81179eb2c3ba611793a32abb4c0768db90e8bdd1694efaa9c2b45c89d203fdfb8b926b6a0d666d91b93065a83184fc2065961f2308056241b66f427c0f0aabc75852c90f0624cf036d537032ca8d73325d2ae2a79a7292c240c34584bb881fe5d468a051cbc0bde061f9eddfb758cd2dfba296eef549e5c4ede097111216a0ec60f90e8d6f5dd843c82e15f505f8c74e854ba9cd386249d552978eb8135a5f8c79c3ceb8dd5828b0218ffe40f375d6cf3ff2f47c276c8169ab98336582a852c1535018fb2306aca6b8c9f9e38d64c66a722762b76c69d4ca6c14bd6992549e4eec17287fce194467f972d9200c3d1ac4fd4a8f2620e2e4281d28c099946ed90789ba122705326390d3e058ceed24044e542efb36416272eadf6304f30efa0b7bc1ae5be92fe50e591ee6f725726e917ec113506920beb2aa53b39f1d76b31500", "cfb220c7d481332f3f1f8079dfe27e23185fd67a407358db7892789f96b7fa9b14daa48617a10d8a91b820ecbaa470ec0bb1f3cbce7f70ec70b19a4cad082229c2788f8611d7dc306d9a45761a97828c36ed87ebde5d4a3e1609c1422a8ae2f7cca428ebdb0dd38b90b9598a353b18a600bf35a369e6e3e5abb0a1c5c0c0e48e014e7ef1b7d768b3c5657f1adfbb7ff2985082b16c99eb83ec3660990dcf1106efa6b7f8a4798fec811c2c85faec0235c83b7093b3d02367421abc40a554e0b0d7fc1bcaece4222c594f8d20e368fe625ca433c75486fe5c94103cd17291349ee12b877602936688666f82ecd8f4f83d50bb1650e08b96cd25ad147c4c956c98649806a3736d072c8d97c6e3a46a7c18535df8d828b86662400d8e9cc861fa1dd5dc193892d3168396c499e07b279fb76c7e289f2fd955691363bc1de74536dc571817615c88b0d594a136966c129e424ccb7ef1c7c7461eac7ca5f03d72ea4c9c3d1156ee4cb1bb70e097357588b5c49f6716bbae1bd118104b42786f09a3b9f7cb80f383cadfd0c462096ff2bb637b7cf79764b6a4b7ffc5d87c1f063fb48e7f08ad5af534c70079f12f28e8921abbd4280801cdf6101ea494768b1274afd0eea5939843d56022a83590920fe446d52dfe699c33977d5592dbf7e0e236b8175d7faae06e0c50f7402174023ce4b996564e945c416fa823f2f9c3213ac50b20bd1fd55bb8d9fe70ee31ea2f404ae0fcbf857bebcc9196c8c622059fea2e248e4058905b69fb98be312d3193ea1d8ff653173e8c2371371b77a5bea45b3cd6fba19b6336f94ec04c8f86d24e9ca959874577d7ca0baf3c4ff30b554bc3ccc06df46d925373fbf7863e2cf684d3bc9603ab72b851ca4728294de87f2dec6f23ca9e43ed2e5cbba662d13137fc1ce0f6ae6aeb974f72f4b750825fafb67715e425f40c7da83b92d4249a0a4e96b789cceb7b07f38cb83f72dd093a345ab3cb8ae760fc14e40ea182a0d7fe1facc62a1ab0902349fd7e27bb0cd349fb5053f4734823abf020739b4b43bb11f5d69b61295068df31177959903c2ea1bb82d24eeaa93d0d4738d5d15b2a401e7ebe0d3cfbd45b2db2882cdb41408aaa718f8320fbb7f9da4f68d0eebeef175442e807e9908132731fe5e268582dcf6dffa4251ebb7121db8e412089fa9d8af9919799547a26b6b8eb44c28f1ce5f9a3021fe30841be204c1b4b3813dccae6baeef9b53fe413cbec46bb0cd95d3793cdc9bfe6cdd96ce0c4aa4a25e1cbbeeee6c9fa558b279048c7e31d07b125bac68d4e1f4253bd4dc7824cf3d722c94cf2b8f61bc8155731f072fd447082b181a13ffb8c08a1d568298c5de2d969fae2bea070a9e2688f294e76b8c200dfb993ec19778eb56ae3127c1116ccc85ef8806fdcb9ee0cb66ff03fbb0fa6c52b9b101b3830fc1650efa859163a264b4059092e5dc9a415ec09bfd1460f142fe5ef00beb6aa9032bd0de97aefc6f65e8cfeea761b3d8174caf528b6627682ff4d4450cb0f34251fc000ed01dd538ef13260984f44703b89dfb511bfb538d0b1c8aded964e1bcc5ca57437468b14a31ec0000a17e4d24369c40500449c37e7dccedba3eceb59d827dace246b5c48afb6a5988e64c560b3dc76c32d831f51cdbc5cfc4364ac8b25372b87c92bacfedc6bc8feb44098dbebc89cda03c59e4c58a31372bd574704b9e788834b9f83c6703f6709efad97c4ce499ea580dae1de282a019247cb3dce5c1906322e6d3ca5157ea6428bc42416936fac194efe136089c07faf7adf1e923003f1dc63fcbc634b389a4f351a6acee785e23c6bb04ca2f265be1e634362b87c6f9fd369bbe62a1db6b286c7ffde6370bb4d6e9e0cc3ec451e1a99d134726c9075e71319d3a683e91e4b900061c0e6d086481069cd32f4cde7816f8e3a0ac6428a7488f31f06ee0da10df3ed0c150d29085879d064f914407f60018bb588735663647bfeda930407d69abef3f72fd461c2b85b00988b412a180fd267fc646a86d297e7e40912607157b6fa873df6442579b1523d8117f0c06c87adf75843b8bff30a5bfb4fe1e9846b7fdd58774641baf9cc9c4e38e53ed24a9d9e9dbc7657aa9b220a8545852b0409f5c0812e953823e841967bf55059acc7a4600818134359e72cfae0d04a0738ac8acca133d6395a455b22cdd6f901d4cdea1cf17415f7d7895a4b65f80d2f7c5c60a0dc04b40c9ae5ffc922e074a82afd704673e1766d19db9f60eab0238fb4a3169a08aded607847e5d752d4e24c4914b95bac3892bcfc2076f16a7f07583f0d418b9dec03afdb2e93335a392e1b1ef2910eb2a4b6a63fe61641f3c02bef73cd7e4a77a6f30ae821598c3160511603541bea89022b54f321c2a55cdeeb19335d78a821ab6ca0f36588a9a79a41e2123905a491d658c2a1caeee998c995bb0f816c92c5dc2b862183f80b9f9786c9c5524723c944d11f6894c7f008ab8194f577e22c03631d2a33205f508ea49653e7600639242dbaba704f700ac227f32dc575c559a0a1f4fe0cf6c22fbf7e1ca2ab4b1e4724e8379021e3c9a7c1509c6a413bd7d9c98938e440762eda2546d636597defa86c1ad31126a1182d365f858927d140fb0a97f80adcc5f4ed5efe11ac503453917a263f1d64692348d30f382e85e464ef7616067a42df5de1a1b622fabefe2ca4ceffa4801f7a02fdef40644cd1d079590d900727628d54b44db7ac700d8d664f7eea12837fcf347360d8e43a354fe51b4c49e8fcda3c322b738ed2b800b5cc06e22c72af2a67ee7bc8ae894e841f2cf2b0a7e381caf944bf4e91ded63b6f82f7474e4f81e986fff7e5339b8e9f60103a1af81833e120f0c88893ecabac044a4a2867cda4fdcb084459a00507aa9e5a8e761a72df3322a1ae8cd918b4994c23bdb1e459b4f21651bd7fa067a00e2a2877bf6b29f289ed8018e0a78f6fb4ded9749640e0e37f6381b320ab72da404f3d70d60152f6fa6738932387b83250cb3148141edb52f109bfd4bda8054959db01f4c550609a63c08cf01ecd110cfc6f0055638c0dde039d2ac2daafe59e561f9f08a8830c3f661e4325de63e98f4a4216ec3b83fd200201ed3f647147611424286ffc6c4a8aca64a6874743242d4feeaa9153de06e51c512d9cab7ae712c6424069f3e5db4ddebe9b48b5f6caa741162edf97674d2368e03a387f798151a4b9b9fa9e3a5838a343133158364a9fe3bb4b9a3c464c0c54a4c64ca774ad200925ac6bf59508c10a8574afde9b821741af43ec64cedc13aa220b39772195283506dfe899dd6a7b37eb21f154056a2df3564ef2bb918a928651de88c3613b84e7960bddd7b46b1304deb30f57b6fe5a3b4788629e91bcc2456a72fabb16b47da71624d2e9081de748b3387f52da4bb094782326dcfde0827e2d674e41bb375247d349cade9c704e5431785009b0e53f1b45c70b237c9432e07e4c7a8464ed11608a3d2184338dd9e6f6ef4b3d751e979667b6a3953c89aff4eead7a978071a912b3de21a85a5849c57933cf53cd74a610f3e60f699766fbc7e0bb8a891a429c77bb6f3b6f9f8eb0b1bd9588ef2ce98fdf0a0838e4b0bed807d8b673093c717feec8d697e32542274887d039db7a2daed5d52c8e9767443229f8003c5d67e907376ea2f393484fa70deee159cb56f8d097b8fe2736e95f540137e20725f0940a8d049068ead4c46bb3771a671bb00de88931e03445a55868de0c220db05cbda9f996d5fe7c1070efe5e718fed4d4cb4ecacad3d6b643bc0ffe9a71b720ba7b5adbbdefe29106ef6a6ffe4547f5d02bec312147df0abe80efb2d5e598fc7c8b268e58b59e0d75728e9a18126f013c963ddc92d251405f857fe3a5cbacf443be7772975b7bf4f6d7ed6f80dfcc47a88c6d19120942adb5385be6ef3c0d7e396bcac5affc8f9276d6cd1a0b069aed72a98cde8ea7aabe6cc091b19efcfaf9368dfeb3087a05a42e3b893dae5ffeb72e6ac06e995a2a75ea0b5f7876247bb4c38cf3f0153f1f7473b522f1c440b632270e2b1d654d3a5ae16cb788482760d34ca79c8951b29c628e21029715683a3e6f8f77c5d89ecdae37e0190f79c4c1dbc9d0160e359cd6c94d6662ed53bb01a83374ff593c823acc59241b11f020902069fc0054a9b26cb320bef4fb1f8cc5bd8ae76eb029afab731b9876bc4e8708a8315512823cff1f9375d284ce66e53d4efad6c76d17bb532fc938b8f80c13ce86b5ba3e540164bc5a5d47cd321c241d8740f453ef95bd3878d578561ad6ce20877ffbd44062dce8df1d048d8d5e4045be647886108cbb1f0b26a8b74b66858afedb830a161bb02bde4c46a688a0ea3a7018ce24666aab0f422ede2f78ea29f77e28d87c744cba0285ce33d0d9ac45774829699de6d725a9b6db6e7d03ad4ec9d075c386e68ca0bcd9e9911d741ed0168cbddb87a7918a964d206629da4e887277b0ef7d3f9c7082f3f15f29a0dfb39f3b0877a5ec3ac4343e0d808f5aee8f1869923aab6dfc3016821c013109f34aece6183994b853d0e9561375c02cdd26b1b55194757341929a8038864cedd6b5a3b8b51ade44637044c4ebddb190f173969a0ca4cf5d42153763a0b91da0110ae7a25204850927d81b00176d4568a3d444d8029bd010df784e3f673fe855601ec4f1b26b2df58841e6a65f0db66373f63cc14a8b07dfc52ac9957eb542d05ed687c79519609de96df18b63cb294b534ddf7d2e8f41bcc1e5a006191c4db057b6709f0a96f18e7e8f67b8be2a19c015b9c4b0b3f42e4de366b71f8da8888809473c3c7a02a1158e375f29997a43bc7118ca4d1abb8f8f21972fc589aaa3d73a4d40a1e1705e169ac6e56cff50d89fc45b6863c8fc67bb2b5939a7f33072539ba4c24077be5711ba368bf7efd4897931531d388eb5c2e56bef337777150dd59518652145c9594e110e41d2615196c6b197916c88cc2814e13a3a922b4ecb044bf31cc90e0bfe0ce07de29188bbcb0ec1a12b509f52582fbb948c3cbe0c6964f46991cec0704bfac08aec6ad8ddfc36dc68c7f547c5ee6af4a8d55c79e3dc1c49b045379811f81e9a185a92cd37ae4ee32c5d3c82d36d6202a6c84fd231fe467071d42072827fd77afa5d757e6f37247f783ef09bdfd7536b666e84bc4bb878005b7829293a04ba090272dec844f4ef0e934617c08518bdc6b915ac6f3f03e4a6ab88e21c3f21f93b31d95ea3b9228e0031cb69795de5abd19c4cb4a0cf2984e53ca391cc66e33ee0d510151670331fa264753704fea5e4b1760f74890c49a74a47e0da13155c5470013d53dea0f05b5e088f1511c209f5be940232318af2757951d399e32eb862d915784713baa8ba93645caf04ba78fa3cf600ff92b9c5be58ad87438a340bac00a5ea9fb17e39478ba61fe36335e48d8c5a0b25f024cbd2ec7f217d0f260951da396dc13a2a74cd90df4b52db686e3b34d27cfa4cebd7bf59cbcfaf4007dc943a1da6e0bd1799a21ab449d7bb42935e50c839c5b567c59742436af15bc8d46095520dcd9273ae2b6f3c1cc2b4311ac9e5d297f0940b1552c5955adb302022022bb7457978998b56328629b7725dfbe3dedb37f37af0697a4471d1d6ff6bec633a38540adeba903f3eaaec5785fbb3c6a598f49dbd9ff93c67dea1ef39a614331b119fa8efccc8bac01595fb95a2a57eec9fc6c6fe82782aa89ea971866fd9a3bca4010182092ab6d1e2b49b964be9e3bb13bd6b77850e435f55a5d46e5bcb3330c7edefd31c33f61275e516"}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000180)=[@text16={0x10, &(0x7f0000000240)="240066b8010000000f01c1660f3880310f01c5baf80c66b8b81acb8f66efbafc0cecbaf80c66b8bcb4ea880fc7a20068bafc0cedba430066ed66b8579e00000f23d00f21f866352000000f0f23f8643e660f6db79a5f6766c744c35f00d93f19000066c7442402000001006766c744240600000000670f050924", 0x7a}], 0x1, 0x0, 0x0, 0x0) r7 = syz_open_dev$sndctrl(&(0x7f0000001440), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r7, 0x40045532, &(0x7f0000000100)) r8 = openat$audio(0xffffffffffffff9c, &(0x7f00000000c0), 0x88602, 0x0) r9 = ioctl$TIOCGPTPEER(r5, 0x5441, 0x16) ioctl$TIOCMSET(r9, 0x5418, &(0x7f0000000140)=0xb) ioctl$SNDCTL_DSP_GETODELAY(r8, 0x80045017, 0x0) r10 = syz_open_dev$sndpcmp(&(0x7f00000001c0), 0x0, 0xa2c65) write$snddsp(r10, &(0x7f0000000200)="a38d", 0x2) ioctl$SNDRV_PCM_IOCTL_DRAIN(r10, 0x4144, 0x0) ioctl$SNDCTL_DSP_GETOPTR(r8, 0x800c5012, &(0x7f0000000080)) ioctl$KVM_RUN(r6, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000480)={"8d515ad0d4959e52f84c77371936d145c84bd6924b2d4aab3d227d8ac8e59dc4f25f3b73319df60a62f18f50cae3514d464e6a20121017689f1c90d4df627e50f686017425ebd3f906fcc7b307772a0dc0cd86a311f911fd367f28b865f1dbc554aec5e91cbec5ab49160a95498d58d7d7034c0d1de5bbeacd2ab66a0128d8932368e955a212756b67c42dab89795885d71402af44a8b1248fb3e9e7fda04dd2fe8618ebdaee73b5405dd452b4cee4dac8d56e1ab1f102053193d082eae2e7c41aa70a97d25fab38192f3f8cad809d15a9ec01e194301c085eeb9b957fededc9715c8938291066e2ddf61d2b245ca67fa3404394524470f0c26d44f3d0a1193abeaf20beba7d2608ee88c99fef7b1bac18fbb6140f581d140c1763f80016d87c0502dd59ca2f5b098f7923d78d3b5e8335df5c64e07e2b4935749ad00ed900d26bb2605ebfe7e22ca91bc0ae9da1b94d26e0e710f241bcf88e5840a3f5d82a39d927f4ff9dd8671ec8b976313ae4e59090b82040d8afee13705889f03ddb17d4c3d1a2b149d2cf704c5cd3437bc7ad5624a24b860f5268c5416baae33a73519184c9e974ab12aeb868ff553b74ae703f709d6fc0e741f66359555ee442107693765be13553a60a934a36e0d21625aefbd7041bf27401380b8a0a2648827036541fa49f1126413f74aead0c51e492dc449ecb0908dcd1fe0177e757189068150ddbaf5ca785b32581a2bb5dd020f0fd4633862b8bd3affa184da71a823ee2eb65fb7546a99df0847224683a6d26cec014eca68b38cdcab06a7758c482fdc3a541aa6a53f8b001072162bf681ce5caeaf4113db9603e7064ca49b16d87b75ee0479e81b0bca69094b445058f5ad9c71ef285b0ba402de783a54146443e16d8a8d8f0cb2b51ddceb95005ffa953d48f285d232ef2b4c1603a6f8cdd30b3a6f918a4dc25167072e24c6ec2091eb25a6581125f0b6dfa6dbc10e53790b7bb2c4f73c4ee36868c7eaced3f7a63eba8719ae74e96c369ff1a0e90d8be00a0e1fbeeb9d264c15abe04e96d9fcfb8b6b0c1daf50d692253e4bad865cf28989509f13264dacab6b6e3f74f873f5e4c3a0be77442dde349ca0e9988b95715733e48b308b417ee3d1efeeb7fe713478d33c803dcf79452fd56dbdab9f9e25dc0feba5a1397317075deb54933ac8e609583e8dfa4424881eefea63d20f1ca8fa6b239bdfe05a8a432fc74dd6478525312505d03d30bf8425595c015c3a5a1cca8fe9070b24323f5630a846f88f0131e641dd17a755bdeb74c300cd00918efc5a0cfb82dd5619410838cb19ba48ce48a4d8bce5460473e85c43609b22fdbdbc602ac148b849e5a3a530b0ad3d4dbd89faec2f29f11e0047c0e775e3b6dbf5d9803542983896fab203975b2d1ea7edd3592441ba9a944de75af4769106daeaf0b7a9bf023136c7a"}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 1.680128305s ago: executing program 1 (id=1280): r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$batadv(&(0x7f0000000040), 0xffffffffffffffff) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x18, 0x4, &(0x7f0000000500)=ANY=[@ANYBLOB="b40000000000000079100000000000006300f8ff0000000095007400000000001043587cf6927cc8c726413afba6f88f8acecdb312a64fdefca577711bf86f27b14d305be9d55af6ad5a87ac6e62a63a595da5b02a2bfcf8736b50bc01300c2255e1ce461f57251491410785e00fa144a4557eeb224d1ee3de017120374dbeb00b22010500000000000000d2634f9a00f839febddb80a3b446e9dfa54d8a6b9a42af8dcb69466a2299e0430d3ee572a6b7f768409300a429fd21d2b447254ec462c05bcd6fe7d46534ca0d6712d2805c826ab5a37be862bd2a68cdbb4a23b2966274c4178c55c94e5159b5"], &(0x7f0000003ff6)='GPL\x00', 0x8, 0xc3, &(0x7f0000000400)=""/198, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0xffffff52}, 0x1b) setsockopt$netlink_NETLINK_RX_RING(r0, 0x10e, 0x6, &(0x7f0000000300)={0x2, 0x7, 0x8, 0xf}, 0x10) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)={{0x14}, [], {0x14}}, 0x28}}, 0x0) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x6) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='cpuset.effective_mems\x00', 0x275a, 0x0) write$binfmt_script(r2, &(0x7f00000003c0), 0x1000a) mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x2, 0x13, r2, 0x0) r3 = syz_open_dev$video(&(0x7f0000000000), 0x7fff, 0x0) ioctl$VIDIOC_S_PARM(r3, 0xc0cc5616, &(0x7f0000000140)={0x1, @output}) r4 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000100), r0) sendmsg$L2TP_CMD_TUNNEL_DELETE(r0, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000140)={&(0x7f0000000200)={0x70, r4, 0x4, 0x70bd2c, 0x25dfdbfe, {}, [@L2TP_ATTR_DEBUG={0x8}, @L2TP_ATTR_L2SPEC_TYPE={0x5}, @L2TP_ATTR_PROTO_VERSION={0x5, 0x7, 0x2}, @L2TP_ATTR_LNS_MODE={0x5, 0x14, 0x7}, @L2TP_ATTR_L2SPEC_TYPE={0x5, 0x5, 0x1}, @L2TP_ATTR_LNS_MODE={0x5, 0x14, 0x1}, @L2TP_ATTR_IP6_SADDR={0x14, 0x1f, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, @L2TP_ATTR_OFFSET={0x6, 0x3, 0x5}, @L2TP_ATTR_PROTO_VERSION={0x5, 0x7, 0x2}, @L2TP_ATTR_PEER_SESSION_ID={0x8, 0xc, 0x2}]}, 0x70}, 0x1, 0x0, 0x0, 0x4000}, 0x8000) sendmsg$IPCTNL_MSG_CT_GET_CTRZERO(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000006c0)={0x50, 0x3, 0x1, 0x101, 0x0, 0x0, {0xa}, [@CTA_TUPLE_ORIG={0x30, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @mcast2}, {0x28, 0x4, @local}}}]}, @CTA_FILTER={0xc, 0x19, 0x0, 0x1, [@CTA_FILTER_ORIG_FLAGS={0x8, 0x1, 0xd06}]}]}, 0x50}}, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000080)) 1.571043176s ago: executing program 1 (id=1281): madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) sched_rr_get_interval(r0, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) lsetxattr$trusted_overlay_upper(&(0x7f0000000100)='./bus\x00', 0x0, &(0x7f00000003c0)=ANY=[], 0xfe37, 0x0) get_mempolicy(&(0x7f00000003c0), 0x0, 0x4, &(0x7f00008ef000/0x3000)=nil, 0x2) 605.772522ms ago: executing program 1 (id=1282): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x3}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)={0x78, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x3f, 0xe, {{{}, {}, @device_b, @device_b, @from_mac}, 0x0, @random, 0x0, @void, @val, @void, @void, @val={0x6, 0x2}, @void, @void, @void, @void, @void, @void, @val={0x71, 0x7}, @val={0x76, 0x6}}}, @NL80211_ATTR_BEACON_TAIL={0x4}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}]}, 0x78}}, 0x0) 483.108391ms ago: executing program 1 (id=1283): r0 = socket(0x0, 0x1, 0x0) close(r0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000020c0)}, &(0x7f0000002100)=0x10) getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x72, 0x0, &(0x7f0000003c00)) mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x300000b, 0x4031, 0xffffffffffffffff, 0x0) syz_emit_ethernet(0x365, &(0x7f00000020c0)={@random="b3ae0d9fff6a", @random="caf66222e6aa", @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "430093", 0x32f, 0x3a, 0xff, @dev, @mcast2, {[], @ndisc_ra={0x86, 0x0, 0x0, 0x0, 0x0, 0xa00, 0x0, 0x0, [{0x0, 0xa, "a78ce5400659808000ffffc0fe4023493b87aafaffffffffffffff2373247202fa45ad96579269748e254c1e4a8a8b3f0ab0c430d3be27df3e34066d42ca0a5c15b37adac15084dbaf736b41e5af1802"}, {0x0, 0x1, "00000000000000000800ee00"}, {0x0, 0x18, "fe906d26efe39393fe08f73eabc5977b1190a3a6ad8338f1511cdd10c35d8f6de79fc7fd175f75649fa368a32c829af02d7f44d92324a7051e460a13ddde25a5b85b9d930914625d8a049b4cf0d129806a610ad8477a2499a9a0527f75b655a6653d0363a979acf93f88eea07d68423e90280409de1657275f716a2bf2915d1783e8eb477b0d1170f0ecbdef4c23a5026e9ab3d2fbe4b34438d2a77577edd0ebed9682b851b380ae0cab282af9d7ebe668177704c5fd4698c934de4731f3f61effc978"}, {0x0, 0x1d, "06aa85616177c61bc943afcb84619755403946b0730a18d5c38cf7dcad830f2dc8674b87ba8b58f81ece27975cc39e595e9af90b4fe92a38d25551c2d9ebfc5dfc5a2a501b7e483de3f808895c5f4a1a2367bc591dd8b094822ff0822a18b79f7c5eba31fb68b2d734a6671e27182aee4df24a4a5c6186c0d3baa75af390dab23b500b0c0272479611e4f7f4299ec4d926d443367b105185e6ecd9602ba95392343e9bbd047ef6bc1ba42399907ccd0a562db212baa39eb8164e240069f656d3a05fecf894222a141123f5acaa556b9f30dcab2b90aa235a670670ffc5dc49dfb58d89310000000000"}, {0x0, 0xb, "d47ae6e8805d4809c20547406b18901b0aeff04c0300f3c75dc2d227a83b89483b1084743475671545e65eb2e9ac946a3f0e2bc4619f91394c02bcfbbb7d71138537d68e2d2c6393a9f3becd1a9f51a948b5b303f4f018"}, {0x21, 0x7, "fcf98a102ec1876d4e6fa3b20519bbaa8a029cee00b8d3485e4163ed09bdb581c9fe68a356f542b043059ff05932e740e077e1d16212fb"}, {0x0, 0xa, "5e14f0e74d2d52cfb3f27fafa40845f90b6dfc87c6905bbc94d33e4575c853105f543e8e8a8a73b360a9d33e2b1e26eb1d18065daa7628cf9ef083611c9f6ae2e1eb3d8bf9c6ab2642c4808288e62afbf032"}, {0x0, 0x5, "d517fb2cf1a4ffdc1b7e018dff16e70b8b14c4b7a94fe18e88605aa6be1a02a326a6bce65e81ed"}]}}}}}}, 0x0) 243.702889ms ago: executing program 1 (id=1284): r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) r1 = dup2(r0, r0) connect$inet6(r1, 0x0, 0x900) 60.363579ms ago: executing program 1 (id=1285): r0 = syz_usb_connect(0x0, 0x3f, &(0x7f0000000040)=ANY=[@ANYBLOB="11010000733336088dee1edb23610000000109022d0101100000000904000003fe03010009cd8d1f0002000000090505020000fcffff09058b1e20"], 0x0) syz_usb_control_io(r0, 0x0, 0x0) socket$inet6_udplite(0xa, 0x2, 0x88) syz_usb_control_io(r0, 0x0, 0x0) r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0) ioctl$EVIOCGMASK(r1, 0x80045b09, 0x0) 0s ago: executing program 4 (id=1286): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) mmap(&(0x7f000041b000/0x3000)=nil, 0x3000, 0xf, 0x8010, 0xffffffffffffffff, 0xc2503000) r0 = socket$netlink(0x10, 0x3, 0x0) bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) r1 = epoll_create1(0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$WPAN_WANTACK(r4, 0x0, 0x0, &(0x7f0000000180), 0x4) r5 = socket$netlink(0x10, 0x3, 0x15) writev(r5, &(0x7f0000000480)=[{&(0x7f00000000c0)="39000000130003470fbb65e1c3e4ffff060060001600000056000000250000001900b3c0b6d2030007fd16e5ff8e0606040000000000000000", 0x39}], 0x1) close_range(r4, r5, 0x0) r6 = syz_genetlink_get_family_id$devlink(&(0x7f0000000240), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_SB_OCC_SNAPSHOT(r5, &(0x7f0000000300)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x3c, r6, 0x100, 0x70bd27, 0x25dfdbfd, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0x1}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x0) r7 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r3, &(0x7f0000000100)={0x20000014}) epoll_ctl$EPOLL_CTL_ADD(r7, 0x1, r1, &(0x7f0000000000)={0xa0000001}) r8 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r8, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=ANY=[@ANYBLOB="140000003500077e00000000009349de6eb4c7fed30000000b7c1100"], 0x14}}, 0x0) ppoll(&(0x7f0000000200)=[{r7, 0x80a9}], 0x1, 0x0, 0x0, 0x0) connect$rxrpc(0xffffffffffffffff, &(0x7f0000000000)=@in6={0x21, 0x3, 0x2, 0x1c, {0xa, 0x4e22, 0x7, @private2, 0xc}}, 0x24) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) mincore(&(0x7f00005c3000/0x4000)=nil, 0x4000, &(0x7f0000000040)=""/159) kernel console output (not intermixed with test programs): vice found, idVendor=05c6, idProduct=6001, bcdDevice=c3.7b [ 273.200523][ T7915] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 273.214252][ T5131] usb 2-1: New USB device strings: Mfr=1, Product=1, SerialNumber=3 [ 273.581724][ T5131] usb 2-1: Product: syz [ 273.590607][ T5131] usb 2-1: Manufacturer: syz [ 273.605789][ T7915] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 273.629020][ T7915] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 273.635014][ T5131] usb 2-1: SerialNumber: syz [ 273.673163][ T7915] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 274.722098][ T8043] netlink: 4 bytes leftover after parsing attributes in process `syz.0.688'. [ 274.752773][ T5131] usb 2-1: config 0 descriptor?? [ 274.900418][ T7915] hsr_slave_0: entered promiscuous mode [ 274.927656][ T7915] hsr_slave_1: entered promiscuous mode [ 275.664137][ T8051] netlink: 64 bytes leftover after parsing attributes in process `syz.3.689'. [ 275.721069][ T8051] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 275.755189][ T5133] usb 2-1: USB disconnect, device number 18 [ 278.099517][ T7915] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 278.155334][ T7915] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 278.190289][ T7915] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 278.230870][ T7915] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 278.318339][ T5133] usb 3-1: new high-speed USB device number 9 using dummy_hcd [ 278.402385][ T8105] netlink: 4 bytes leftover after parsing attributes in process `syz.3.700'. [ 278.544453][ T5133] usb 3-1: Using ep0 maxpacket: 16 [ 278.556538][ T7915] 8021q: adding VLAN 0 to HW filter on device bond0 [ 278.568878][ T5133] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 33032, setting to 1024 [ 278.602456][ T5133] usb 3-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00 [ 278.629042][ T8110] netlink: 64 bytes leftover after parsing attributes in process `syz.1.702'. [ 278.662607][ T7915] 8021q: adding VLAN 0 to HW filter on device team0 [ 278.672076][ T5133] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 278.706511][ T5133] usb 3-1: config 0 descriptor?? [ 278.763837][ T5085] bridge0: port 1(bridge_slave_0) entered blocking state [ 278.771106][ T5085] bridge0: port 1(bridge_slave_0) entered forwarding state [ 278.880125][ T5085] bridge0: port 2(bridge_slave_1) entered blocking state [ 278.887361][ T5085] bridge0: port 2(bridge_slave_1) entered forwarding state [ 278.904611][ T929] usb 1-1: new high-speed USB device number 19 using dummy_hcd [ 279.139536][ T929] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 279.151997][ T929] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 279.163600][ T929] usb 1-1: New USB device found, idVendor=1d34, idProduct=000a, bcdDevice= 0.00 [ 279.176676][ T8098] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 279.181365][ T7915] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 279.231300][ T8098] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 279.241591][ T929] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 279.284265][ T7915] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 279.351344][ T929] usb 1-1: config 0 descriptor?? [ 279.358615][ T5133] hid (null): report_id 2838798905 is invalid [ 279.380221][ T5133] hid (null): unknown global tag 0xc [ 279.391345][ T5133] hid (null): unknown global tag 0xa5 [ 279.414266][ T5133] hid (null): unknown global tag 0xd [ 279.457183][ T5133] hid (null): unknown global tag 0xc [ 279.528727][ T5133] hid-generic 0003:0158:0100.0005: unknown main item tag 0x1 [ 279.598070][ T5133] hid-generic 0003:0158:0100.0005: unexpected long global item [ 279.645294][ T5133] hid-generic 0003:0158:0100.0005: probe with driver hid-generic failed with error -22 [ 279.696199][ T5133] usb 3-1: USB disconnect, device number 9 [ 279.839779][ T929] hid-led 0003:1D34:000A.0006: unknown main item tag 0x0 [ 280.096989][ T929] hid-led 0003:1D34:000A.0006: hidraw0: USB HID v0.00 Device [HID 1d34:000a] on usb-dummy_hcd.0-1/input0 [ 280.187430][ T929] hid-led 0003:1D34:000A.0006: Dream Cheeky Webmail Notifier initialized [ 280.358930][ T7915] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 280.785253][ T5133] usb 4-1: new high-speed USB device number 16 using dummy_hcd [ 280.819271][ T29] kauditd_printk_skb: 28 callbacks suppressed [ 280.819288][ T29] audit: type=1326 audit(1720373355.457:509): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8143 comm="syz.1.707" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7beb175bd9 code=0x0 [ 281.016821][ T7915] veth0_vlan: entered promiscuous mode [ 281.028025][ T5133] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0xFF has an invalid bInterval 0, changing to 7 [ 281.052950][ T7915] veth1_vlan: entered promiscuous mode [ 281.068927][ T5133] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0xFF has invalid wMaxPacketSize 0 [ 281.111771][ T5133] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 281.172947][ T5133] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 281.210474][ T7915] veth0_macvtap: entered promiscuous mode [ 281.228509][ T5133] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 281.252093][ T5133] usb 4-1: config 0 descriptor?? [ 281.263544][ T7915] veth1_macvtap: entered promiscuous mode [ 281.393608][ T7915] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 281.446668][ T7915] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 281.461435][ T25] usb 1-1: USB disconnect, device number 19 [ 281.497793][ T7915] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 281.546150][ T7915] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 281.578638][ T7915] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 281.610892][ T7915] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 281.658134][ T7915] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 281.681746][ T7915] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 281.721684][ T7915] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 281.741048][ T5133] plantronics 0003:047F:FFFF.0007: unknown main item tag 0x0 [ 281.762757][ T5133] plantronics 0003:047F:FFFF.0007: No inputs registered, leaving [ 281.789176][ T7915] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 281.910176][ T5133] plantronics 0003:047F:FFFF.0007: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0 [ 281.991130][ T7915] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 282.118918][ T7915] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 282.189977][ T7915] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 282.249101][ T7915] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 282.334466][ T7915] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 282.349510][ T7915] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 282.384531][ T7915] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 282.406145][ T7915] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 282.451759][ T7915] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 282.500141][ T8180] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 282.504481][ T7915] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 282.524840][ T8180] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 282.546243][ T7915] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 282.569438][ T7915] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 282.645245][ T8180] kAFS: unparsable volume name [ 282.810840][ T5995] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 282.843731][ T5995] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 282.874664][ T5085] usb 2-1: new high-speed USB device number 19 using dummy_hcd [ 282.944945][ T1044] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 282.967508][ T1044] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 283.078171][ T5085] usb 2-1: Using ep0 maxpacket: 32 [ 283.109993][ T5085] usb 2-1: New USB device found, idVendor=041e, idProduct=400b, bcdDevice=3e.e7 [ 283.140049][ T5085] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 283.185631][ T5085] usb 2-1: config 0 descriptor?? [ 283.205056][ T5085] gspca_main: sunplus-2.14.0 probing 041e:400b [ 283.474565][ T29] audit: type=1326 audit(1720373358.107:510): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8197 comm="syz.2.713" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f152a575bd9 code=0x7ffc0000 [ 283.564402][ T29] audit: type=1326 audit(1720373358.117:511): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8197 comm="syz.2.713" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f152a575bd9 code=0x7ffc0000 [ 283.678476][ T29] audit: type=1326 audit(1720373358.137:512): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8197 comm="syz.2.713" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f152a575bd9 code=0x7ffc0000 [ 283.801927][ T5085] gspca_sunplus: reg_w_riv err -71 [ 283.809539][ T29] audit: type=1326 audit(1720373358.137:513): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8197 comm="syz.2.713" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f152a575bd9 code=0x7ffc0000 [ 283.844519][ T5085] sunplus 2-1:0.0: probe with driver sunplus failed with error -71 [ 283.901860][ T5133] usb 4-1: USB disconnect, device number 16 [ 283.913240][ T29] audit: type=1326 audit(1720373358.137:514): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8197 comm="syz.2.713" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f152a575bd9 code=0x7ffc0000 [ 283.944635][ T5085] usb 2-1: USB disconnect, device number 19 [ 283.957048][ T29] audit: type=1326 audit(1720373358.137:515): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8197 comm="syz.2.713" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f152a575bd9 code=0x7ffc0000 [ 283.992934][ T29] audit: type=1326 audit(1720373358.137:516): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8197 comm="syz.2.713" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f152a575bd9 code=0x7ffc0000 [ 284.034376][ T29] audit: type=1326 audit(1720373358.137:517): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8197 comm="syz.2.713" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f152a56cc27 code=0x7ffc0000 [ 284.066097][ T29] audit: type=1326 audit(1720373358.137:518): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8197 comm="syz.2.713" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f152a5115c9 code=0x7ffc0000 [ 284.675119][ T5085] usb 5-1: new high-speed USB device number 17 using dummy_hcd [ 284.694288][ T8229] netlink: 4 bytes leftover after parsing attributes in process `syz.0.719'. [ 284.856735][ T5085] usb 5-1: New USB device found, idVendor=0c45, idProduct=8001, bcdDevice=90.0a [ 284.879048][ T5085] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 284.920947][ T5085] usb 5-1: config 0 descriptor?? [ 284.937767][ T5085] gspca_main: sn9c2028-2.14.0 probing 0c45:8001 [ 285.141039][ T5085] gspca_sn9c2028: read1 error -32 [ 286.110017][ T8249] netlink: 60 bytes leftover after parsing attributes in process `syz.2.727'. [ 286.334480][ T929] usb 4-1: new high-speed USB device number 17 using dummy_hcd [ 286.526554][ T929] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0xFF has an invalid bInterval 0, changing to 7 [ 286.540745][ T929] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0xFF has invalid wMaxPacketSize 0 [ 286.550978][ T929] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 286.564593][ T929] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 286.573745][ T929] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 286.591940][ T929] usb 4-1: config 0 descriptor?? [ 286.814785][ T25] usb 1-1: new high-speed USB device number 20 using dummy_hcd [ 287.044506][ T25] usb 1-1: Using ep0 maxpacket: 8 [ 287.059642][ T25] usb 1-1: New USB device found, idVendor=0402, idProduct=5602, bcdDevice=35.76 [ 287.077448][ T929] plantronics 0003:047F:FFFF.0008: unknown main item tag 0x0 [ 287.087659][ T25] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 287.101189][ T929] plantronics 0003:047F:FFFF.0008: No inputs registered, leaving [ 287.112446][ T25] usb 1-1: Product: syz [ 287.116919][ T25] usb 1-1: Manufacturer: syz [ 287.127949][ T25] usb 1-1: SerialNumber: syz [ 287.135648][ T929] plantronics 0003:047F:FFFF.0008: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0 [ 287.150854][ T25] usb 1-1: config 0 descriptor?? [ 287.159716][ T25] gspca_main: ALi m5602-2.14.0 probing 0402:5602 [ 287.299049][ T5131] usb 5-1: USB disconnect, device number 17 [ 287.377737][ T25] gspca_m5602: Failed to find a sensor [ 287.420176][ T25] ALi m5602 1-1:0.0: ALi m5602 webcam failed [ 287.441453][ T25] usb 1-1: USB disconnect, device number 20 [ 287.527593][ T8270] netlink: 4 bytes leftover after parsing attributes in process `syz.4.734'. [ 287.695776][ T8271] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 287.727184][ T8271] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 287.836455][ T8271] kAFS: unparsable volume name [ 288.456217][ T5130] usb 4-1: reset high-speed USB device number 17 using dummy_hcd [ 288.837178][ T8292] netlink: 4 bytes leftover after parsing attributes in process `syz.1.743'. [ 289.498248][ T25] usb 4-1: USB disconnect, device number 17 [ 290.016444][ T5130] usb 1-1: new high-speed USB device number 21 using dummy_hcd [ 290.254488][ T5130] usb 1-1: Using ep0 maxpacket: 8 [ 290.273443][ T5130] usb 1-1: New USB device found, idVendor=0402, idProduct=5602, bcdDevice=35.76 [ 290.314272][ T5130] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 290.350004][ T5130] usb 1-1: Product: syz [ 290.369306][ T5130] usb 1-1: Manufacturer: syz [ 290.374136][ T5130] usb 1-1: SerialNumber: syz [ 290.413126][ T5130] usb 1-1: config 0 descriptor?? [ 290.429062][ T5130] gspca_main: ALi m5602-2.14.0 probing 0402:5602 [ 290.643350][ T5130] gspca_m5602: Failed to find a sensor [ 290.655895][ T5130] ALi m5602 1-1:0.0: ALi m5602 webcam failed [ 290.693920][ T5130] usb 1-1: USB disconnect, device number 21 [ 290.847755][ T8328] binder: BINDER_SET_CONTEXT_MGR already set [ 290.853875][ T8328] binder: 8321:8328 ioctl 4018620d 20000100 returned -16 [ 290.881142][ T29] kauditd_printk_skb: 708 callbacks suppressed [ 290.881159][ T29] audit: type=1326 audit(1720373365.517:1227): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8321 comm="syz.4.753" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46aa575bd9 code=0x7ffc0000 [ 291.060098][ T29] audit: type=1326 audit(1720373365.677:1228): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8321 comm="syz.4.753" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46aa575bd9 code=0x7ffc0000 [ 291.143807][ T29] audit: type=1326 audit(1720373365.677:1229): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8321 comm="syz.4.753" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f46aa575bd9 code=0x7ffc0000 [ 291.181797][ T29] audit: type=1326 audit(1720373365.677:1230): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8321 comm="syz.4.753" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46aa575bd9 code=0x7ffc0000 [ 291.267017][ T29] audit: type=1326 audit(1720373365.677:1231): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8321 comm="syz.4.753" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46aa575bd9 code=0x7ffc0000 [ 291.334444][ T25] usb 5-1: new full-speed USB device number 18 using dummy_hcd [ 291.469678][ T29] audit: type=1326 audit(1720373365.677:1232): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8321 comm="syz.4.753" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f46aa574610 code=0x7ffc0000 [ 291.552967][ T29] audit: type=1326 audit(1720373365.677:1233): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8321 comm="syz.4.753" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f46aa5757db code=0x7ffc0000 [ 291.553888][ T25] usb 5-1: config 0 has an invalid interface number: 3 but max is 0 [ 291.583452][ T25] usb 5-1: config 0 has no interface number 0 [ 291.590021][ T25] usb 5-1: config 0 interface 3 altsetting 0 endpoint 0x83 has invalid maxpacket 512, setting to 64 [ 291.601465][ T25] usb 5-1: config 0 interface 3 altsetting 0 has a duplicate endpoint with address 0x3, skipping [ 291.617713][ T25] usb 5-1: config 0 interface 3 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 4 [ 291.648248][ T25] usb 5-1: New USB device found, idVendor=05c6, idProduct=6001, bcdDevice=c3.7b [ 291.657759][ T25] usb 5-1: New USB device strings: Mfr=1, Product=1, SerialNumber=3 [ 291.666224][ T25] usb 5-1: Product: syz [ 291.671459][ T25] usb 5-1: Manufacturer: syz [ 291.676185][ T25] usb 5-1: SerialNumber: syz [ 291.692324][ T29] audit: type=1326 audit(1720373365.677:1234): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8321 comm="syz.4.753" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f46aa5757db code=0x7ffc0000 [ 291.770749][ T25] usb 5-1: config 0 descriptor?? [ 291.809981][ T29] audit: type=1326 audit(1720373365.687:1235): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8321 comm="syz.4.753" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f46aa5757db code=0x7ffc0000 [ 291.857132][ T29] audit: type=1326 audit(1720373365.687:1236): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8321 comm="syz.4.753" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f46aa5757db code=0x7ffc0000 [ 292.145299][ T5088] Bluetooth: hci4: unexpected event for opcode 0x1405 [ 292.227867][ T5130] usb 2-1: new high-speed USB device number 20 using dummy_hcd [ 292.450144][ T5130] usb 2-1: Using ep0 maxpacket: 8 [ 292.467064][ T5130] usb 2-1: New USB device found, idVendor=0402, idProduct=5602, bcdDevice=35.76 [ 292.480518][ T5130] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 292.490375][ T5130] usb 2-1: Product: syz [ 292.494699][ T5130] usb 2-1: Manufacturer: syz [ 292.525388][ T5130] usb 2-1: SerialNumber: syz [ 292.535863][ T5130] usb 2-1: config 0 descriptor?? [ 292.561032][ T5130] gspca_main: ALi m5602-2.14.0 probing 0402:5602 [ 292.989997][ T5130] gspca_m5602: Failed to find a sensor [ 293.031756][ T5130] ALi m5602 2-1:0.0: ALi m5602 webcam failed [ 293.057223][ T5130] usb 2-1: USB disconnect, device number 20 [ 293.117928][ T8373] netlink: 4 bytes leftover after parsing attributes in process `syz.0.768'. [ 293.534482][ T25] usb 4-1: new high-speed USB device number 18 using dummy_hcd [ 293.777177][ T25] usb 4-1: Using ep0 maxpacket: 8 [ 293.851447][ T8383] netlink: 48 bytes leftover after parsing attributes in process `syz.1.772'. [ 293.873996][ T5130] usb 5-1: USB disconnect, device number 18 [ 293.894122][ T25] usb 4-1: New USB device found, idVendor=0402, idProduct=5602, bcdDevice=35.76 [ 293.904259][ T25] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 293.947346][ T25] usb 4-1: Product: syz [ 293.951555][ T25] usb 4-1: Manufacturer: syz [ 293.988471][ T25] usb 4-1: SerialNumber: syz [ 294.018912][ T25] usb 4-1: config 0 descriptor?? [ 294.038181][ T25] gspca_main: ALi m5602-2.14.0 probing 0402:5602 [ 294.169333][ T5088] Bluetooth: Unexpected continuation frame (len 18) [ 294.476878][ T25] gspca_m5602: Failed to find a sensor [ 294.482605][ T25] ALi m5602 4-1:0.0: ALi m5602 webcam failed [ 294.510938][ T25] usb 4-1: USB disconnect, device number 18 [ 295.266934][ T8416] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 295.667910][ T8417] binder: BINDER_SET_CONTEXT_MGR already set [ 295.694674][ T8417] binder: 8413:8417 ioctl 4018620d 20000100 returned -16 [ 295.714904][ T8419] netlink: 48 bytes leftover after parsing attributes in process `syz.1.784'. [ 295.939223][ T29] kauditd_printk_skb: 41 callbacks suppressed [ 295.939240][ T29] audit: type=1326 audit(1720373370.577:1278): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8413 comm="syz.3.783" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f819f5757db code=0x7ffc0000 [ 296.018742][ T8426] netlink: 4 bytes leftover after parsing attributes in process `syz.2.787'. [ 296.038026][ T29] audit: type=1326 audit(1720373370.657:1279): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8413 comm="syz.3.783" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f819f5757db code=0x7ffc0000 [ 296.188836][ T5085] usb 4-1: new full-speed USB device number 19 using dummy_hcd [ 296.200377][ T5088] Bluetooth: hci0: command tx timeout [ 296.201409][ T5090] Bluetooth: hci4: Controller not accepting commands anymore: ncmd = 0 [ 296.222557][ T5090] Bluetooth: hci4: Injecting HCI hardware error event [ 296.231029][ T5088] Bluetooth: hci4: hardware error 0x00 [ 296.302432][ T29] audit: type=1326 audit(1720373370.877:1280): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8413 comm="syz.3.783" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f819f5757db code=0x7ffc0000 [ 296.500929][ T29] audit: type=1326 audit(1720373370.887:1281): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8413 comm="syz.3.783" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f819f5757db code=0x7ffc0000 [ 296.541058][ T5085] usb 4-1: config 0 has an invalid interface number: 3 but max is 0 [ 296.591736][ T5085] usb 4-1: config 0 has no interface number 0 [ 296.755517][ T5085] usb 4-1: config 0 interface 3 altsetting 0 endpoint 0x83 has invalid maxpacket 512, setting to 64 [ 296.765433][ T29] audit: type=1326 audit(1720373370.897:1282): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8413 comm="syz.3.783" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f819f5757db code=0x7ffc0000 [ 297.507419][ T5085] usb 4-1: config 0 interface 3 altsetting 0 has a duplicate endpoint with address 0x3, skipping [ 297.524432][ T5085] usb 4-1: config 0 interface 3 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 4 [ 297.538454][ T29] audit: type=1326 audit(1720373371.007:1283): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8413 comm="syz.3.783" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f819f5757db code=0x7ffc0000 [ 297.629808][ T5085] usb 4-1: New USB device found, idVendor=05c6, idProduct=6001, bcdDevice=c3.7b [ 297.641575][ T29] audit: type=1326 audit(1720373371.117:1284): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8413 comm="syz.3.783" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f819f5757db code=0x7ffc0000 [ 297.667026][ T5085] usb 4-1: New USB device strings: Mfr=1, Product=1, SerialNumber=3 [ 297.693212][ T5085] usb 4-1: Product: syz [ 297.697522][ T5085] usb 4-1: Manufacturer: syz [ 297.712985][ T5085] usb 4-1: SerialNumber: syz [ 297.728208][ T29] audit: type=1326 audit(1720373371.137:1285): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8413 comm="syz.3.783" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f819f5757db code=0x7ffc0000 [ 297.755474][ T29] audit: type=1326 audit(1720373371.147:1286): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8413 comm="syz.3.783" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f819f5757db code=0x7ffc0000 [ 297.786733][ T5085] usb 4-1: config 0 descriptor?? [ 297.852993][ T29] audit: type=1326 audit(1720373371.167:1287): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8413 comm="syz.3.783" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f819f5757db code=0x7ffc0000 [ 298.124856][ T5131] usb 2-1: new high-speed USB device number 21 using dummy_hcd [ 298.334430][ T5131] usb 2-1: Using ep0 maxpacket: 8 [ 298.349460][ T5131] usb 2-1: New USB device found, idVendor=0402, idProduct=5602, bcdDevice=35.76 [ 298.354528][ T5088] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 298.484540][ T5131] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 298.493164][ T5131] usb 2-1: Product: syz [ 298.497657][ T5131] usb 2-1: Manufacturer: syz [ 298.502382][ T5131] usb 2-1: SerialNumber: syz [ 298.518012][ T5131] usb 2-1: config 0 descriptor?? [ 298.539615][ T5131] gspca_main: ALi m5602-2.14.0 probing 0402:5602 [ 298.937082][ T5131] gspca_m5602: Failed to find a sensor [ 298.949679][ T5131] ALi m5602 2-1:0.0: ALi m5602 webcam failed [ 298.961779][ T5131] usb 2-1: USB disconnect, device number 21 [ 299.134131][ T5085] usb 4-1: USB disconnect, device number 19 [ 300.488290][ T8484] netlink: 8 bytes leftover after parsing attributes in process `syz.4.805'. [ 301.550224][ T8501] binder: BINDER_SET_CONTEXT_MGR already set [ 301.570414][ T8501] binder: 8499:8501 ioctl 4018620d 20000100 returned -16 [ 302.144444][ T5085] usb 3-1: new high-speed USB device number 10 using dummy_hcd [ 302.212245][ T29] kauditd_printk_skb: 22 callbacks suppressed [ 302.212263][ T29] audit: type=1326 audit(1720373376.847:1310): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8499 comm="syz.1.811" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7beb175bd9 code=0x7ffc0000 [ 302.253591][ T29] audit: type=1326 audit(1720373376.877:1311): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8499 comm="syz.1.811" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7beb175bd9 code=0x7ffc0000 [ 302.281476][ T29] audit: type=1326 audit(1720373376.877:1312): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8499 comm="syz.1.811" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7beb175bd9 code=0x7ffc0000 [ 302.320496][ T29] audit: type=1326 audit(1720373376.877:1313): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8499 comm="syz.1.811" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7beb175bd9 code=0x7ffc0000 [ 302.343573][ T29] audit: type=1326 audit(1720373376.877:1314): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8499 comm="syz.1.811" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f7beb174610 code=0x7ffc0000 [ 302.365025][ C1] vkms_vblank_simulate: vblank timer overrun [ 302.388858][ T29] audit: type=1326 audit(1720373376.877:1315): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8499 comm="syz.1.811" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f7beb1757db code=0x7ffc0000 [ 302.447238][ T5085] usb 3-1: New USB device found, idVendor=0c45, idProduct=8001, bcdDevice=90.0a [ 302.467465][ T5085] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 302.485492][ T29] audit: type=1326 audit(1720373376.877:1316): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8499 comm="syz.1.811" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f7beb1757db code=0x7ffc0000 [ 302.488518][ T5085] usb 3-1: config 0 descriptor?? [ 302.519064][ T5133] usb 4-1: new high-speed USB device number 20 using dummy_hcd [ 302.519473][ T5085] gspca_main: sn9c2028-2.14.0 probing 0c45:8001 [ 302.527520][ T29] audit: type=1326 audit(1720373376.887:1317): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8499 comm="syz.1.811" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f7beb1757db code=0x7ffc0000 [ 302.527567][ T29] audit: type=1326 audit(1720373376.887:1318): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8499 comm="syz.1.811" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f7beb1757db code=0x7ffc0000 [ 302.527610][ T29] audit: type=1326 audit(1720373377.027:1319): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8499 comm="syz.1.811" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f7beb1757db code=0x7ffc0000 [ 302.599256][ T5131] usb 2-1: new full-speed USB device number 22 using dummy_hcd [ 302.722135][ T5085] gspca_sn9c2028: read1 error -32 [ 302.765448][ T9] usb 5-1: new high-speed USB device number 19 using dummy_hcd [ 302.804441][ T5133] usb 4-1: Using ep0 maxpacket: 32 [ 302.819670][ T5131] usb 2-1: config 0 has an invalid interface number: 3 but max is 0 [ 302.835317][ T5131] usb 2-1: config 0 has no interface number 0 [ 302.843471][ T5133] usb 4-1: New USB device found, idVendor=041e, idProduct=400b, bcdDevice=3e.e7 [ 302.847621][ T5131] usb 2-1: config 0 interface 3 altsetting 0 endpoint 0x83 has invalid maxpacket 512, setting to 64 [ 302.864232][ T5133] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 302.871007][ T5131] usb 2-1: config 0 interface 3 altsetting 0 has a duplicate endpoint with address 0x3, skipping [ 302.885464][ T5131] usb 2-1: config 0 interface 3 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 4 [ 302.914511][ T5090] Bluetooth: hci0: command tx timeout [ 302.922751][ T5133] usb 4-1: config 0 descriptor?? [ 302.936304][ T5133] gspca_main: sunplus-2.14.0 probing 041e:400b [ 302.950247][ T5131] usb 2-1: New USB device found, idVendor=05c6, idProduct=6001, bcdDevice=c3.7b [ 302.973499][ T5131] usb 2-1: New USB device strings: Mfr=1, Product=1, SerialNumber=3 [ 302.981912][ T9] usb 5-1: Using ep0 maxpacket: 8 [ 303.003123][ T5131] usb 2-1: Product: syz [ 303.011500][ T9] usb 5-1: New USB device found, idVendor=0402, idProduct=5602, bcdDevice=35.76 [ 303.029365][ T5131] usb 2-1: Manufacturer: syz [ 303.034587][ T9] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 303.050342][ T5131] usb 2-1: SerialNumber: syz [ 303.060628][ T9] usb 5-1: Product: syz [ 303.077606][ T5131] usb 2-1: config 0 descriptor?? [ 303.082859][ T9] usb 5-1: Manufacturer: syz [ 303.099054][ T9] usb 5-1: SerialNumber: syz [ 303.124689][ T9] usb 5-1: config 0 descriptor?? [ 303.159356][ T9] gspca_main: ALi m5602-2.14.0 probing 0402:5602 [ 303.235979][ T5085] gspca_sn9c2028: read1 error -110 [ 303.250669][ T5085] sn9c2028 3-1:0.0: probe with driver sn9c2028 failed with error -110 [ 303.593176][ T9] gspca_m5602: Failed to find a sensor [ 303.598948][ T9] ALi m5602 5-1:0.0: ALi m5602 webcam failed [ 303.610988][ T9] usb 5-1: USB disconnect, device number 19 [ 303.655017][ T5133] gspca_sunplus: reg_r err -32 [ 303.659873][ T5133] sunplus 4-1:0.0: probe with driver sunplus failed with error -32 [ 303.979870][ T9] usb 3-1: USB disconnect, device number 10 [ 304.580200][ T5130] usb 2-1: USB disconnect, device number 22 [ 305.402458][ T25] usb 4-1: USB disconnect, device number 20 [ 305.579196][ T8546] netlink: 4 bytes leftover after parsing attributes in process `syz.3.822'. [ 305.712311][ T8547] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 307.362623][ T5085] usb 5-1: new high-speed USB device number 20 using dummy_hcd [ 308.192831][ T5085] usb 5-1: Using ep0 maxpacket: 8 [ 308.219374][ T5085] usb 5-1: New USB device found, idVendor=0402, idProduct=5602, bcdDevice=35.76 [ 308.228958][ T5085] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 308.238110][ T5085] usb 5-1: Product: syz [ 308.249282][ T5085] usb 5-1: Manufacturer: syz [ 308.271862][ T5085] usb 5-1: SerialNumber: syz [ 308.355797][ T5085] usb 5-1: config 0 descriptor?? [ 308.368239][ T5085] gspca_main: ALi m5602-2.14.0 probing 0402:5602 [ 308.511949][ T29] kauditd_printk_skb: 31 callbacks suppressed [ 308.511963][ T29] audit: type=1326 audit(1720373383.147:1351): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8567 comm="syz.1.828" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7beb175bd9 code=0x0 [ 308.539406][ C0] vkms_vblank_simulate: vblank timer overrun [ 308.626447][ T5085] gspca_m5602: Failed to find a sensor [ 308.632944][ T5085] ALi m5602 5-1:0.0: ALi m5602 webcam failed [ 308.661680][ T5085] usb 5-1: USB disconnect, device number 20 [ 309.379539][ T8576] binder: BINDER_SET_CONTEXT_MGR already set [ 309.410324][ T8576] binder: 8574:8576 ioctl 4018620d 20000100 returned -16 [ 309.451488][ T29] audit: type=1326 audit(1720373384.087:1352): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8574 comm="syz.4.830" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46aa575bd9 code=0x7ffc0000 [ 309.482489][ T29] audit: type=1326 audit(1720373384.107:1353): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8574 comm="syz.4.830" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46aa575bd9 code=0x7ffc0000 [ 309.504491][ T9] usb 2-1: new high-speed USB device number 23 using dummy_hcd [ 309.540217][ T29] audit: type=1326 audit(1720373384.107:1354): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8574 comm="syz.4.830" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f46aa575bd9 code=0x7ffc0000 [ 309.740453][ T29] audit: type=1326 audit(1720373384.107:1355): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8574 comm="syz.4.830" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46aa575bd9 code=0x7ffc0000 [ 309.797837][ T9] usb 2-1: Using ep0 maxpacket: 8 [ 309.865738][ T9] usb 2-1: New USB device found, idVendor=0402, idProduct=5602, bcdDevice=35.76 [ 309.884610][ T5130] usb 5-1: new full-speed USB device number 21 using dummy_hcd [ 309.889552][ T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 309.914480][ T29] audit: type=1326 audit(1720373384.117:1356): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8574 comm="syz.4.830" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46aa575bd9 code=0x7ffc0000 [ 309.919886][ T9] usb 2-1: Product: syz [ 309.972149][ T9] usb 2-1: Manufacturer: syz [ 309.994282][ T9] usb 2-1: SerialNumber: syz [ 309.996782][ T29] audit: type=1326 audit(1720373384.117:1357): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8574 comm="syz.4.830" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f46aa574610 code=0x7ffc0000 [ 310.021630][ T29] audit: type=1326 audit(1720373384.117:1358): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8574 comm="syz.4.830" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f46aa5757db code=0x7ffc0000 [ 310.043379][ T29] audit: type=1326 audit(1720373384.117:1359): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8574 comm="syz.4.830" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f46aa5757db code=0x7ffc0000 [ 311.538680][ T9] usb 2-1: config 0 descriptor?? [ 311.552896][ T9] gspca_main: ALi m5602-2.14.0 probing 0402:5602 [ 311.560572][ T5130] usb 5-1: config 0 has an invalid interface number: 3 but max is 0 [ 311.561960][ T29] audit: type=1326 audit(1720373384.117:1360): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8574 comm="syz.4.830" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f46aa5757db code=0x7ffc0000 [ 311.590045][ C0] vkms_vblank_simulate: vblank timer overrun [ 313.543646][ T9] gspca_m5602: Failed to find a sensor [ 313.553681][ T29] audit: type=1326 audit(1720373384.117:1361): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8574 comm="syz.4.830" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f46aa5757db code=0x7ffc0000 [ 313.565008][ T5130] usb 5-1: config 0 has no interface number 0 [ 313.585433][ T9] ALi m5602 2-1:0.0: ALi m5602 webcam failed [ 313.600519][ T5130] usb 5-1: config 0 interface 3 altsetting 0 endpoint 0x83 has invalid maxpacket 512, setting to 64 [ 313.611878][ T5130] usb 5-1: config 0 interface 3 altsetting 0 has a duplicate endpoint with address 0x3, skipping [ 313.622597][ T5130] usb 5-1: config 0 interface 3 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 4 [ 313.635668][ T29] audit: type=1326 audit(1720373384.357:1362): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8574 comm="syz.4.830" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f46aa5757db code=0x7ffc0000 [ 313.658206][ T29] audit: type=1326 audit(1720373384.447:1363): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8574 comm="syz.4.830" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f46aa5757db code=0x7ffc0000 [ 313.693512][ T29] audit: type=1326 audit(1720373384.587:1364): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8574 comm="syz.4.830" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f46aa5757db code=0x7ffc0000 [ 313.702530][ T9] usb 2-1: USB disconnect, device number 23 [ 313.759986][ T5130] usb 5-1: string descriptor 0 read error: -71 [ 313.995315][ T5130] usb 5-1: New USB device found, idVendor=05c6, idProduct=6001, bcdDevice=c3.7b [ 314.018655][ T29] audit: type=1326 audit(1720373384.587:1365): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8574 comm="syz.4.830" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f46aa5757db code=0x7ffc0000 [ 314.040555][ T5130] usb 5-1: New USB device strings: Mfr=1, Product=1, SerialNumber=3 [ 314.050065][ T29] audit: type=1326 audit(1720373384.727:1366): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8574 comm="syz.4.830" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f46aa5757db code=0x7ffc0000 [ 314.073906][ T5130] usb 5-1: config 0 descriptor?? [ 314.080292][ T5130] usb 5-1: can't set config #0, error -71 [ 314.143736][ T29] audit: type=1326 audit(1720373384.727:1367): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8574 comm="syz.4.830" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f46aa5757db code=0x7ffc0000 [ 314.540744][ T29] audit: type=1326 audit(1720373386.187:1368): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8574 comm="syz.4.830" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f46aa5757db code=0x7ffc0000 [ 314.737147][ T29] audit: type=1326 audit(1720373386.187:1369): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8574 comm="syz.4.830" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f46aa5757db code=0x7ffc0000 [ 314.830001][ T5130] usb 5-1: USB disconnect, device number 21 [ 314.837134][ T29] audit: type=1326 audit(1720373386.187:1370): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8574 comm="syz.4.830" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f46aa5757db code=0x7ffc0000 [ 316.076297][ T8612] netlink: 4 bytes leftover after parsing attributes in process `syz.0.839'. [ 316.669241][ T8624] netlink: 8 bytes leftover after parsing attributes in process `syz.2.843'. [ 317.479094][ T1249] ieee802154 phy0 wpan0: encryption failed: -22 [ 317.485627][ T1249] ieee802154 phy1 wpan1: encryption failed: -22 [ 317.654595][ T5130] usb 3-1: new high-speed USB device number 11 using dummy_hcd [ 317.864557][ T5130] usb 3-1: Using ep0 maxpacket: 8 [ 317.924545][ T5130] usb 3-1: New USB device found, idVendor=0402, idProduct=5602, bcdDevice=35.76 [ 317.959461][ T5130] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 317.979041][ T5130] usb 3-1: Product: syz [ 317.988688][ T5130] usb 3-1: Manufacturer: syz [ 317.998211][ T5130] usb 3-1: SerialNumber: syz [ 318.006615][ T5130] usb 3-1: config 0 descriptor?? [ 318.014500][ T5130] gspca_main: ALi m5602-2.14.0 probing 0402:5602 [ 318.290815][ T5130] gspca_m5602: Failed to find a sensor [ 318.296561][ T5130] ALi m5602 3-1:0.0: ALi m5602 webcam failed [ 318.304732][ T5130] usb 3-1: USB disconnect, device number 11 [ 320.314646][ T8668] netlink: 8 bytes leftover after parsing attributes in process `syz.1.855'. [ 320.334748][ T5133] usb 1-1: new high-speed USB device number 22 using dummy_hcd [ 320.489495][ T8675] netlink: 'syz.1.859': attribute type 6 has an invalid length. [ 320.529631][ T8677] netlink: 32 bytes leftover after parsing attributes in process `syz.2.858'. [ 320.544604][ T5133] usb 1-1: Using ep0 maxpacket: 16 [ 320.555393][ T5133] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 33032, setting to 1024 [ 320.569312][ T5133] usb 1-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00 [ 320.580947][ T5133] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 320.604640][ T5133] usb 1-1: config 0 descriptor?? [ 321.671937][ T8662] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 321.711270][ T8662] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 321.735705][ T25] usb 2-1: new high-speed USB device number 24 using dummy_hcd [ 321.752668][ T5133] hid (null): report_id 2838798905 is invalid [ 321.759547][ T5133] hid (null): unknown global tag 0xc [ 321.767329][ T5133] hid (null): unknown global tag 0xa5 [ 321.774132][ T5133] hid (null): unknown global tag 0xd [ 321.786413][ T5133] hid (null): unknown global tag 0xc [ 321.795138][ T5133] hid-generic 0003:0158:0100.0009: unknown main item tag 0x1 [ 321.802521][ T5133] hid-generic 0003:0158:0100.0009: unexpected long global item [ 321.812455][ T5133] hid-generic 0003:0158:0100.0009: probe with driver hid-generic failed with error -22 [ 321.911248][ T8693] netlink: 4 bytes leftover after parsing attributes in process `syz.3.863'. [ 321.937175][ T25] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 321.959809][ T25] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 321.993307][ T25] usb 2-1: New USB device found, idVendor=1d34, idProduct=000a, bcdDevice= 0.00 [ 322.010262][ T25] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 322.037837][ T25] usb 2-1: config 0 descriptor?? [ 322.081329][ T5133] usb 1-1: USB disconnect, device number 22 [ 322.465646][ T25] hid-led 0003:1D34:000A.000A: unknown main item tag 0x0 [ 322.675131][ T25] hid-led 0003:1D34:000A.000A: hidraw0: USB HID v0.00 Device [HID 1d34:000a] on usb-dummy_hcd.1-1/input0 [ 322.751036][ T25] hid-led 0003:1D34:000A.000A: Dream Cheeky Webmail Notifier initialized [ 323.977528][ T9] usb 3-1: new high-speed USB device number 12 using dummy_hcd [ 324.013266][ T8707] netlink: 8 bytes leftover after parsing attributes in process `syz.4.869'. [ 324.110534][ T5132] usb 2-1: USB disconnect, device number 24 [ 324.204696][ T9] usb 3-1: Using ep0 maxpacket: 8 [ 324.220937][ T8713] netlink: 48 bytes leftover after parsing attributes in process `syz.4.872'. [ 324.259200][ T9] usb 3-1: New USB device found, idVendor=0402, idProduct=5602, bcdDevice=35.76 [ 324.279233][ T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 324.304248][ T9] usb 3-1: Product: syz [ 324.321767][ T9] usb 3-1: Manufacturer: syz [ 324.340121][ T9] usb 3-1: SerialNumber: syz [ 324.363857][ T9] usb 3-1: config 0 descriptor?? [ 324.386046][ T9] gspca_main: ALi m5602-2.14.0 probing 0402:5602 [ 324.599117][ T9] gspca_m5602: Failed to find a sensor [ 324.615299][ T9] ALi m5602 3-1:0.0: ALi m5602 webcam failed [ 324.640385][ T9] usb 3-1: USB disconnect, device number 12 [ 324.895105][ T8719] netlink: 32 bytes leftover after parsing attributes in process `syz.1.874'. [ 326.112040][ T8740] netlink: 8 bytes leftover after parsing attributes in process `syz.4.880'. [ 326.118797][ T8738] netlink: 4 bytes leftover after parsing attributes in process `syz.2.879'. [ 326.445720][ T5130] usb 4-1: new high-speed USB device number 21 using dummy_hcd [ 326.634623][ T5130] usb 4-1: Using ep0 maxpacket: 32 [ 326.650931][ T5130] usb 4-1: config index 0 descriptor too short (expected 29220, got 36) [ 326.674408][ T5130] usb 4-1: config 0 has too many interfaces: 81, using maximum allowed: 32 [ 326.700952][ T5130] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 81 [ 326.731366][ T5130] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 326.774547][ T5130] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 326.803597][ T5130] usb 4-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 326.829566][ T5130] usb 4-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 326.874394][ T5130] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 326.900997][ T5130] usb 4-1: config 0 descriptor?? [ 326.994505][ T9] usb 5-1: new high-speed USB device number 22 using dummy_hcd [ 327.127376][ T5130] usblp 4-1:0.0: usblp0: USB Bidirectional printer dev 21 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17 [ 327.184452][ T9] usb 5-1: Using ep0 maxpacket: 32 [ 327.191810][ T5130] usb 4-1: USB disconnect, device number 21 [ 327.215079][ T5130] usblp0: removed [ 327.226314][ T9] usb 5-1: config index 0 descriptor too short (expected 29220, got 36) [ 327.264521][ T9] usb 5-1: config 0 has too many interfaces: 81, using maximum allowed: 32 [ 327.303039][ T9] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 81 [ 327.324233][ T9] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 327.354434][ T9] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 327.391070][ T9] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 327.411621][ T9] usb 5-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 327.421069][ T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 327.462634][ T9] usb 5-1: config 0 descriptor?? [ 327.716696][ T9] usblp 5-1:0.0: usblp0: USB Bidirectional printer dev 22 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17 [ 327.775728][ T9] usb 5-1: USB disconnect, device number 22 [ 327.832399][ T9] usblp0: removed [ 328.864670][ T5131] usb 3-1: new high-speed USB device number 13 using dummy_hcd [ 329.084514][ T5132] usb 5-1: new high-speed USB device number 23 using dummy_hcd [ 329.084828][ T5131] usb 3-1: Using ep0 maxpacket: 8 [ 329.153141][ T5131] usb 3-1: New USB device found, idVendor=0402, idProduct=5602, bcdDevice=35.76 [ 329.182786][ T5131] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 329.190983][ T5131] usb 3-1: Product: syz [ 329.195282][ T5131] usb 3-1: Manufacturer: syz [ 329.199861][ T5131] usb 3-1: SerialNumber: syz [ 329.256956][ T5131] usb 3-1: config 0 descriptor?? [ 329.264423][ T5132] usb 5-1: device descriptor read/64, error -71 [ 329.275729][ T5131] gspca_main: ALi m5602-2.14.0 probing 0402:5602 [ 329.384841][ T8793] netlink: 8 bytes leftover after parsing attributes in process `syz.1.893'. [ 329.414962][ T8790] netlink: 32 bytes leftover after parsing attributes in process `syz.0.892'. [ 329.584616][ T5132] usb 5-1: new high-speed USB device number 24 using dummy_hcd [ 329.608316][ T8797] netlink: 40 bytes leftover after parsing attributes in process `syz.1.894'. [ 329.636992][ T5131] gspca_m5602: Failed to find a sensor [ 329.654612][ T5131] ALi m5602 3-1:0.0: ALi m5602 webcam failed [ 329.697906][ T5131] usb 3-1: USB disconnect, device number 13 [ 329.776437][ T5132] usb 5-1: device descriptor read/64, error -71 [ 329.914403][ T9] usb 4-1: new high-speed USB device number 22 using dummy_hcd [ 330.062959][ T5132] usb usb5-port1: attempt power cycle [ 330.266332][ T9] usb 4-1: device descriptor read/64, error -71 [ 330.564496][ T9] usb 4-1: new high-speed USB device number 23 using dummy_hcd [ 330.744550][ T9] usb 4-1: device descriptor read/64, error -71 [ 330.895791][ T9] usb usb4-port1: attempt power cycle [ 331.992183][ T8837] netlink: 8 bytes leftover after parsing attributes in process `syz.3.904'. [ 332.646506][ T5131] usb 4-1: new high-speed USB device number 25 using dummy_hcd [ 332.710902][ T5090] Bluetooth: hci0: Ignoring HCI_Connection_Complete for existing connection [ 332.758018][ T8867] netlink: 8 bytes leftover after parsing attributes in process `syz.1.915'. [ 332.778267][ T5088] Bluetooth: Unexpected continuation frame (len 18) [ 332.863205][ T5131] usb 4-1: Using ep0 maxpacket: 8 [ 333.034699][ T5131] usb 4-1: New USB device found, idVendor=0402, idProduct=5602, bcdDevice=35.76 [ 333.050939][ T5131] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 333.062105][ T5131] usb 4-1: Product: syz [ 334.207241][ T5131] usb 4-1: Manufacturer: syz [ 334.222551][ T5131] usb 4-1: SerialNumber: syz [ 334.243318][ T5131] usb 4-1: config 0 descriptor?? [ 334.251788][ T5131] gspca_main: ALi m5602-2.14.0 probing 0402:5602 [ 334.665724][ T5131] gspca_m5602: Failed to find a sensor [ 334.683663][ T5131] ALi m5602 4-1:0.0: ALi m5602 webcam failed [ 334.704754][ T5131] usb 4-1: USB disconnect, device number 25 [ 335.318680][ T8906] netlink: 20 bytes leftover after parsing attributes in process `syz.1.926'. [ 336.525596][ T5088] Bluetooth: hci0: unexpected event 0x04 length: 11 > 10 [ 337.633033][ T8947] netlink: 20 bytes leftover after parsing attributes in process `syz.0.938'. [ 337.884753][ T5131] usb 5-1: new high-speed USB device number 26 using dummy_hcd [ 338.084371][ T5131] usb 5-1: Using ep0 maxpacket: 8 [ 338.106217][ T5131] usb 5-1: New USB device found, idVendor=0402, idProduct=5602, bcdDevice=35.76 [ 338.261205][ T5131] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 338.286455][ T5131] usb 5-1: Product: syz [ 338.293975][ T5131] usb 5-1: Manufacturer: syz [ 338.298839][ T5131] usb 5-1: SerialNumber: syz [ 338.306427][ T5131] usb 5-1: config 0 descriptor?? [ 338.317478][ T5131] gspca_main: ALi m5602-2.14.0 probing 0402:5602 [ 338.594889][ T5088] Bluetooth: hci0: command tx timeout [ 338.806697][ T5131] gspca_m5602: Failed to find a sensor [ 338.812209][ T5131] ALi m5602 5-1:0.0: ALi m5602 webcam failed [ 338.842999][ T5131] usb 5-1: USB disconnect, device number 26 [ 340.154417][ T8991] netlink: 20 bytes leftover after parsing attributes in process `syz.4.952'. [ 340.674443][ T5133] usb 5-1: new high-speed USB device number 27 using dummy_hcd [ 340.884444][ T5133] usb 5-1: Using ep0 maxpacket: 16 [ 341.038789][ T5133] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 33032, setting to 1024 [ 341.053109][ T5133] usb 5-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00 [ 341.062670][ T5133] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 341.163400][ T5133] usb 5-1: config 0 descriptor?? [ 341.854675][ T8999] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 341.882758][ T8999] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 341.918833][ T5133] hid (null): report_id 2838798905 is invalid [ 341.934399][ T5133] hid (null): unknown global tag 0xc [ 341.939762][ T5133] hid (null): unknown global tag 0xa5 [ 341.953746][ T5133] hid (null): unknown global tag 0xd [ 341.959383][ T5133] hid (null): unknown global tag 0xc [ 341.981212][ T5133] hid-generic 0003:0158:0100.000B: unknown main item tag 0x1 [ 342.004446][ T5133] hid-generic 0003:0158:0100.000B: unexpected long global item [ 342.015874][ T5132] usb 2-1: new high-speed USB device number 25 using dummy_hcd [ 342.025140][ T5133] hid-generic 0003:0158:0100.000B: probe with driver hid-generic failed with error -22 [ 342.199558][ T5132] usb 2-1: device descriptor read/64, error -71 [ 342.210897][ T5133] usb 5-1: USB disconnect, device number 27 [ 342.504632][ T5132] usb 2-1: new high-speed USB device number 26 using dummy_hcd [ 342.784503][ T5132] usb 2-1: device descriptor read/64, error -71 [ 342.905073][ T5132] usb usb2-port1: attempt power cycle [ 343.026743][ T9035] netlink: 'syz.3.966': attribute type 72 has an invalid length. [ 343.055429][ T9035] netlink: 12 bytes leftover after parsing attributes in process `syz.3.966'. [ 344.464465][ T5088] Bluetooth: hci0: link tx timeout [ 344.470975][ T5088] Bluetooth: hci0: killing stalled connection 11:aa:aa:aa:aa:aa [ 344.524935][ T5132] usb 2-1: new high-speed USB device number 27 using dummy_hcd [ 344.578419][ T5132] usb 2-1: device descriptor read/8, error -71 [ 345.787980][ T9078] netlink: 'syz.2.978': attribute type 72 has an invalid length. [ 345.799495][ T9078] netlink: 12 bytes leftover after parsing attributes in process `syz.2.978'. [ 346.514639][ T5090] Bluetooth: hci0: command 0x0406 tx timeout [ 348.193623][ T9113] netlink: 'syz.2.989': attribute type 72 has an invalid length. [ 348.226366][ T9113] netlink: 12 bytes leftover after parsing attributes in process `syz.2.989'. [ 348.411479][ T9117] netlink: 40 bytes leftover after parsing attributes in process `syz.1.990'. [ 350.097874][ T9143] netlink: 4 bytes leftover after parsing attributes in process `syz.3.995'. [ 350.256204][ T9147] binder: BINDER_SET_CONTEXT_MGR already set [ 350.262364][ T9147] binder: 9144:9147 ioctl 4018620d 20000100 returned -16 [ 350.459192][ T29] kauditd_printk_skb: 4 callbacks suppressed [ 350.459210][ T29] audit: type=1326 audit(1720373425.097:1375): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9144 comm="syz.1.997" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7beb175bd9 code=0x7ffc0000 [ 351.268976][ T9142] netlink: 32 bytes leftover after parsing attributes in process `syz.0.996'. [ 351.323715][ T29] audit: type=1326 audit(1720373425.877:1376): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9144 comm="syz.1.997" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7beb175bd9 code=0x7ffc0000 [ 351.360661][ T29] audit: type=1326 audit(1720373425.877:1377): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9144 comm="syz.1.997" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7beb175bd9 code=0x7ffc0000 [ 351.382674][ T29] audit: type=1326 audit(1720373425.877:1378): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9144 comm="syz.1.997" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7beb175bd9 code=0x7ffc0000 [ 351.423504][ T29] audit: type=1326 audit(1720373425.887:1379): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9144 comm="syz.1.997" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f7beb174610 code=0x7ffc0000 [ 351.451921][ T29] audit: type=1326 audit(1720373425.887:1380): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9144 comm="syz.1.997" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f7beb1757db code=0x7ffc0000 [ 351.494230][ T29] audit: type=1326 audit(1720373425.887:1381): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9144 comm="syz.1.997" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f7beb1757db code=0x7ffc0000 [ 351.519793][ T29] audit: type=1326 audit(1720373425.887:1382): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9144 comm="syz.1.997" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f7beb1757db code=0x7ffc0000 [ 351.546050][ T29] audit: type=1326 audit(1720373425.887:1383): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9144 comm="syz.1.997" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f7beb1757db code=0x7ffc0000 [ 351.604635][ T5134] usb 2-1: new full-speed USB device number 29 using dummy_hcd [ 351.708235][ T29] audit: type=1326 audit(1720373426.087:1384): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9144 comm="syz.1.997" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f7beb1757db code=0x7ffc0000 [ 351.791018][ T9163] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1001'. [ 351.806955][ T5134] usb 2-1: config 0 has an invalid interface number: 3 but max is 0 [ 351.818818][ T5134] usb 2-1: config 0 has no interface number 0 [ 351.843269][ T5134] usb 2-1: config 0 interface 3 altsetting 0 endpoint 0x83 has invalid maxpacket 512, setting to 64 [ 351.879356][ T5134] usb 2-1: config 0 interface 3 altsetting 0 has a duplicate endpoint with address 0x3, skipping [ 351.908554][ T5134] usb 2-1: config 0 interface 3 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 4 [ 351.932843][ T5134] usb 2-1: New USB device found, idVendor=05c6, idProduct=6001, bcdDevice=c3.7b [ 351.946366][ T5134] usb 2-1: New USB device strings: Mfr=1, Product=1, SerialNumber=3 [ 351.958124][ T5134] usb 2-1: Product: syz [ 351.967709][ T9167] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1002'. [ 351.978907][ T5134] usb 2-1: Manufacturer: syz [ 351.991495][ T5134] usb 2-1: SerialNumber: syz [ 352.016301][ T5134] usb 2-1: config 0 descriptor?? [ 353.377080][ T5090] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 353.388797][ T5090] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 353.396931][ T5090] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 353.404989][ T5090] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 353.412657][ T5090] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 353.428572][ T5090] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 353.680146][ T5995] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 353.865114][ T5995] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 354.875982][ T5995] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 354.928277][ T5131] usb 2-1: USB disconnect, device number 29 [ 355.000555][ T9202] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1013'. [ 355.025954][ T5995] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 355.145326][ T9210] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1014'. [ 355.494456][ T5088] Bluetooth: hci0: command tx timeout [ 355.501578][ T29] kauditd_printk_skb: 33 callbacks suppressed [ 355.501595][ T29] audit: type=1326 audit(1720373430.107:1418): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9209 comm="syz.0.1015" exe="/root/syz-executor" sig=0 arch=c000003e syscall=34 compat=0 ip=0x7f6cc7375bd9 code=0x7ffc0000 [ 355.998527][ T9185] chnl_net:caif_netlink_parms(): no params data found [ 356.062479][ T5995] bridge_slave_1: left allmulticast mode [ 356.082716][ T5995] bridge_slave_1: left promiscuous mode [ 356.109218][ T5995] bridge0: port 2(bridge_slave_1) entered disabled state [ 356.296403][ T9231] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1018'. [ 356.324001][ T5995] bridge_slave_0: left allmulticast mode [ 356.335911][ T5995] bridge_slave_0: left promiscuous mode [ 356.341721][ T5995] bridge0: port 1(bridge_slave_0) entered disabled state [ 356.674837][ T5130] usb 4-1: new high-speed USB device number 26 using dummy_hcd [ 356.874991][ T5130] usb 4-1: Using ep0 maxpacket: 32 [ 356.896699][ T5130] usb 4-1: config index 0 descriptor too short (expected 29220, got 36) [ 356.916160][ T5130] usb 4-1: config 0 has too many interfaces: 81, using maximum allowed: 32 [ 356.934378][ T5130] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 81 [ 356.963262][ T5130] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 357.014530][ T5130] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 357.036327][ T5130] usb 4-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 357.115892][ T5130] usb 4-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 357.145212][ T5130] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 357.215668][ T5130] usb 4-1: config 0 descriptor?? [ 357.437826][ T5130] usblp 4-1:0.0: usblp0: USB Bidirectional printer dev 26 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17 [ 358.159318][ T5088] Bluetooth: hci0: command tx timeout [ 358.189127][ T5130] usb 4-1: USB disconnect, device number 26 [ 358.237246][ T5130] usblp0: removed [ 358.558112][ T5995] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 358.646956][ T5995] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 358.670817][ T5995] bond0 (unregistering): Released all slaves [ 359.285517][ T9254] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1023'. [ 359.324469][ T25] usb 4-1: new high-speed USB device number 27 using dummy_hcd [ 359.507064][ T25] usb 4-1: device descriptor read/64, error -71 [ 359.707598][ T5995] hsr_slave_0: left promiscuous mode [ 359.784506][ T5995] hsr_slave_1: left promiscuous mode [ 359.819697][ T5995] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 359.827655][ T25] usb 4-1: new high-speed USB device number 28 using dummy_hcd [ 359.848089][ T5995] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 359.876895][ T5995] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 359.904443][ T5995] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 360.032988][ T25] usb 4-1: device descriptor read/64, error -71 [ 360.194720][ T5088] Bluetooth: hci0: command tx timeout [ 360.305353][ T5995] veth1_macvtap: left promiscuous mode [ 360.344788][ T25] usb usb4-port1: attempt power cycle [ 360.362109][ T5995] veth0_macvtap: left promiscuous mode [ 360.458326][ T5995] veth1_vlan: left promiscuous mode [ 360.464058][ T5995] veth0_vlan: left promiscuous mode [ 360.650990][ T9282] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1031'. [ 362.274518][ T5088] Bluetooth: hci0: command tx timeout [ 362.722339][ T5995] team0 (unregistering): Port device team_slave_1 removed [ 362.797766][ T5995] team0 (unregistering): Port device team_slave_0 removed [ 363.361305][ T9185] bridge0: port 1(bridge_slave_0) entered blocking state [ 363.384537][ T9185] bridge0: port 1(bridge_slave_0) entered disabled state [ 363.391832][ T9185] bridge_slave_0: entered allmulticast mode [ 363.405075][ T9185] bridge_slave_0: entered promiscuous mode [ 363.425825][ T9185] bridge0: port 2(bridge_slave_1) entered blocking state [ 363.433007][ T9185] bridge0: port 2(bridge_slave_1) entered disabled state [ 363.471155][ T9185] bridge_slave_1: entered allmulticast mode [ 363.498785][ T9185] bridge_slave_1: entered promiscuous mode [ 363.857459][ T9185] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 363.901605][ T9185] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 364.103570][ T9185] team0: Port device team_slave_0 added [ 364.120461][ T9185] team0: Port device team_slave_1 added [ 364.204874][ T9185] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 364.222084][ T9185] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 364.273701][ T9185] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 364.484690][ T9185] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 364.494434][ T9185] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 364.821789][ T9185] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 365.433947][ T9185] hsr_slave_0: entered promiscuous mode [ 365.458317][ T9185] hsr_slave_1: entered promiscuous mode [ 365.718762][ T9341] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1046'. [ 366.568194][ T9185] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 366.630250][ T9185] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 366.672865][ T9185] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 366.717261][ T9185] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 367.021552][ T9185] 8021q: adding VLAN 0 to HW filter on device bond0 [ 367.139865][ T9185] 8021q: adding VLAN 0 to HW filter on device team0 [ 367.204664][ T5134] bridge0: port 1(bridge_slave_0) entered blocking state [ 367.211790][ T5134] bridge0: port 1(bridge_slave_0) entered forwarding state [ 367.275433][ T5134] bridge0: port 2(bridge_slave_1) entered blocking state [ 367.282631][ T5134] bridge0: port 2(bridge_slave_1) entered forwarding state [ 368.878248][ T9185] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 369.577282][ T9185] veth0_vlan: entered promiscuous mode [ 369.628442][ T9185] veth1_vlan: entered promiscuous mode [ 369.698927][ T9185] veth0_macvtap: entered promiscuous mode [ 369.721946][ T9185] veth1_macvtap: entered promiscuous mode [ 369.743572][ T9185] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 369.841633][ T9185] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 369.862801][ T9185] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 369.875530][ T9185] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 369.885777][ T9185] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 369.904321][ T9185] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 369.926752][ T9185] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 369.940630][ T9185] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 369.971336][ T9185] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 369.996846][ T9403] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1060'. [ 370.010770][ T9404] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1062'. [ 370.026131][ T9185] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 370.045611][ T9185] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 370.062304][ T9185] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 370.093108][ T9185] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 370.122503][ T9185] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 370.327926][ T9185] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 370.365774][ T9185] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 370.382128][ T9185] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 370.399603][ T9185] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 370.426376][ T9185] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 370.514484][ T9185] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 370.538742][ T9185] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 370.557246][ T9185] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 370.869051][ T1094] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 370.883695][ T1094] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 370.986013][ T51] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 371.035273][ T51] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 372.858146][ T29] audit: type=1326 audit(1720373447.497:1419): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9441 comm="syz.2.1070" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f152a575bd9 code=0x7ffc0000 [ 372.879705][ C1] vkms_vblank_simulate: vblank timer overrun [ 373.054581][ T29] audit: type=1326 audit(1720373447.517:1420): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9441 comm="syz.2.1070" exe="/root/syz-executor" sig=0 arch=c000003e syscall=34 compat=0 ip=0x7f152a575bd9 code=0x7ffc0000 [ 378.917024][ T1249] ieee802154 phy0 wpan0: encryption failed: -22 [ 378.930780][ T1249] ieee802154 phy1 wpan1: encryption failed: -22 [ 379.279931][ T9492] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1083'. [ 379.390783][ T9497] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1084'. [ 379.556042][ T9499] netlink: 'syz.1.1085': attribute type 6 has an invalid length. [ 381.714444][ T5133] usb 2-1: new high-speed USB device number 30 using dummy_hcd [ 382.000199][ T5133] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 382.039317][ T5133] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 382.823572][ T5133] usb 2-1: New USB device found, idVendor=1d34, idProduct=000a, bcdDevice= 0.00 [ 382.844266][ T5133] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 382.889875][ T5133] usb 2-1: config 0 descriptor?? [ 382.934642][ T5133] usb 2-1: can't set config #0, error -71 [ 382.963825][ T5133] usb 2-1: USB disconnect, device number 30 [ 382.996743][ T9519] binder: BINDER_SET_CONTEXT_MGR already set [ 383.002852][ T9519] binder: 9516:9519 ioctl 4018620d 20000100 returned -16 [ 384.021925][ T29] audit: type=1326 audit(1720373458.657:1421): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9516 comm="syz.0.1090" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6cc7375bd9 code=0x7ffc0000 [ 384.169123][ T29] audit: type=1326 audit(1720373458.697:1422): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9516 comm="syz.0.1090" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6cc7375bd9 code=0x7ffc0000 [ 384.264843][ T29] audit: type=1326 audit(1720373458.697:1423): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9516 comm="syz.0.1090" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6cc7375bd9 code=0x7ffc0000 [ 384.290242][ T29] audit: type=1326 audit(1720373458.697:1424): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9516 comm="syz.0.1090" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6cc7375bd9 code=0x7ffc0000 [ 384.326835][ T29] audit: type=1326 audit(1720373458.697:1425): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9516 comm="syz.0.1090" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f6cc7374610 code=0x7ffc0000 [ 384.351993][ T29] audit: type=1326 audit(1720373458.697:1426): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9516 comm="syz.0.1090" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f6cc73757db code=0x7ffc0000 [ 384.392139][ T29] audit: type=1326 audit(1720373458.697:1427): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9516 comm="syz.0.1090" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f6cc73757db code=0x7ffc0000 [ 384.594697][ T5130] usb 1-1: new full-speed USB device number 23 using dummy_hcd [ 384.605937][ T29] audit: type=1326 audit(1720373458.707:1428): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9516 comm="syz.0.1090" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f6cc73757db code=0x7ffc0000 [ 384.889368][ T29] audit: type=1326 audit(1720373458.707:1429): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9516 comm="syz.0.1090" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f6cc73757db code=0x7ffc0000 [ 384.969442][ T5130] usb 1-1: config 0 has an invalid interface number: 3 but max is 0 [ 385.002182][ T29] audit: type=1326 audit(1720373459.067:1430): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9516 comm="syz.0.1090" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f6cc73757db code=0x7ffc0000 [ 385.048203][ T5130] usb 1-1: config 0 has no interface number 0 [ 385.092805][ T5130] usb 1-1: config 0 interface 3 altsetting 0 endpoint 0x83 has invalid maxpacket 512, setting to 64 [ 385.164377][ T5130] usb 1-1: config 0 interface 3 altsetting 0 has a duplicate endpoint with address 0x3, skipping [ 385.249782][ T5130] usb 1-1: config 0 interface 3 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 4 [ 385.397669][ T5130] usb 1-1: New USB device found, idVendor=05c6, idProduct=6001, bcdDevice=c3.7b [ 385.440343][ T5130] usb 1-1: New USB device strings: Mfr=1, Product=1, SerialNumber=3 [ 385.477765][ T5130] usb 1-1: Product: syz [ 385.500792][ T5130] usb 1-1: Manufacturer: syz [ 385.509973][ T5130] usb 1-1: SerialNumber: syz [ 385.550445][ T5130] usb 1-1: config 0 descriptor?? [ 386.554058][ T5131] usb 1-1: USB disconnect, device number 23 [ 387.882161][ T9556] binder: BINDER_SET_CONTEXT_MGR already set [ 387.894321][ T9556] binder: 9548:9556 ioctl 4018620d 20000100 returned -16 [ 388.912182][ T9572] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1105'. [ 389.035449][ T9575] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1106'. [ 389.319723][ T29] kauditd_printk_skb: 28 callbacks suppressed [ 389.319743][ T29] audit: type=1326 audit(1720373463.957:1459): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9548 comm="syz.0.1101" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6cc7375bd9 code=0x7ffc0000 [ 389.436202][ T29] audit: type=1326 audit(1720373463.957:1460): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9548 comm="syz.0.1101" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6cc7375bd9 code=0x7ffc0000 [ 389.551670][ T29] audit: type=1326 audit(1720373463.987:1461): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9548 comm="syz.0.1101" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6cc7375bd9 code=0x7ffc0000 [ 389.633149][ T29] audit: type=1326 audit(1720373463.987:1462): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9548 comm="syz.0.1101" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6cc7375bd9 code=0x7ffc0000 [ 389.786221][ T5085] usb 1-1: new full-speed USB device number 24 using dummy_hcd [ 389.899001][ T29] audit: type=1326 audit(1720373463.997:1463): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9548 comm="syz.0.1101" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6cc7375bd9 code=0x7ffc0000 [ 389.987363][ T29] audit: type=1326 audit(1720373464.037:1464): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9548 comm="syz.0.1101" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f6cc7374610 code=0x7ffc0000 [ 390.078330][ T5085] usb 1-1: config 0 has an invalid interface number: 3 but max is 0 [ 390.098724][ T5085] usb 1-1: config 0 has no interface number 0 [ 390.132732][ T29] audit: type=1326 audit(1720373464.037:1465): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9548 comm="syz.0.1101" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f6cc73757db code=0x7ffc0000 [ 390.162520][ T5085] usb 1-1: config 0 interface 3 altsetting 0 endpoint 0x83 has invalid maxpacket 512, setting to 64 [ 390.204388][ T29] audit: type=1326 audit(1720373464.037:1466): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9548 comm="syz.0.1101" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f6cc73757db code=0x7ffc0000 [ 390.247460][ T5085] usb 1-1: config 0 interface 3 altsetting 0 has a duplicate endpoint with address 0x3, skipping [ 390.264940][ T5085] usb 1-1: config 0 interface 3 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 4 [ 390.342443][ T5085] usb 1-1: New USB device found, idVendor=05c6, idProduct=6001, bcdDevice=c3.7b [ 390.344471][ T29] audit: type=1326 audit(1720373464.047:1467): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9548 comm="syz.0.1101" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f6cc73757db code=0x7ffc0000 [ 390.400744][ T5085] usb 1-1: New USB device strings: Mfr=1, Product=1, SerialNumber=3 [ 390.440044][ T5085] usb 1-1: Product: syz [ 390.468182][ T5085] usb 1-1: Manufacturer: syz [ 390.476943][ T29] audit: type=1326 audit(1720373464.047:1468): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9548 comm="syz.0.1101" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f6cc73757db code=0x7ffc0000 [ 390.498522][ C1] vkms_vblank_simulate: vblank timer overrun [ 390.526702][ T5085] usb 1-1: SerialNumber: syz [ 390.557743][ T5085] usb 1-1: config 0 descriptor?? [ 390.577874][ T9588] binder: BINDER_SET_CONTEXT_MGR already set [ 390.579972][ T5085] usb 1-1: can't set config #0, error -71 [ 390.584071][ T9588] binder: 9585:9588 ioctl 4018620d 20000100 returned -16 [ 390.624119][ T5085] usb 1-1: USB disconnect, device number 24 [ 390.924491][ T5131] usb 4-1: new full-speed USB device number 30 using dummy_hcd [ 391.305767][ T5131] usb 4-1: config 0 has an invalid interface number: 3 but max is 0 [ 391.325211][ T5131] usb 4-1: config 0 has no interface number 0 [ 391.359967][ T5131] usb 4-1: config 0 interface 3 altsetting 0 endpoint 0x83 has invalid maxpacket 512, setting to 64 [ 391.394969][ T5131] usb 4-1: config 0 interface 3 altsetting 0 has a duplicate endpoint with address 0x3, skipping [ 391.428278][ T5131] usb 4-1: config 0 interface 3 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 4 [ 391.463949][ T51] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 391.478326][ T5131] usb 4-1: New USB device found, idVendor=05c6, idProduct=6001, bcdDevice=c3.7b [ 391.488218][ T5131] usb 4-1: New USB device strings: Mfr=1, Product=1, SerialNumber=3 [ 391.510272][ T5131] usb 4-1: Product: syz [ 391.520044][ T5131] usb 4-1: Manufacturer: syz [ 391.524751][ T5131] usb 4-1: SerialNumber: syz [ 391.530358][ T5090] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 391.547007][ T5131] usb 4-1: config 0 descriptor?? [ 391.557216][ T5090] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 391.567492][ T5090] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 391.580985][ T5090] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 391.595801][ T5090] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 391.605923][ T5090] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 391.699769][ T51] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 392.052562][ T51] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 392.899174][ T9606] syz.1.1117 uses obsolete (PF_INET,SOCK_PACKET) [ 393.005944][ T51] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 393.494788][ T5131] usb 4-1: USB disconnect, device number 30 [ 393.575914][ T51] bridge_slave_1: left allmulticast mode [ 393.592803][ T51] bridge_slave_1: left promiscuous mode [ 393.608805][ T51] bridge0: port 2(bridge_slave_1) entered disabled state [ 393.634696][ T5090] Bluetooth: hci2: command tx timeout [ 393.671485][ T51] bridge_slave_0: left allmulticast mode [ 393.689716][ T51] bridge_slave_0: left promiscuous mode [ 393.705541][ T51] bridge0: port 1(bridge_slave_0) entered disabled state [ 394.144504][ T5085] usb 2-1: new high-speed USB device number 31 using dummy_hcd [ 394.297517][ T9634] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1125'. [ 394.311969][ T51] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 394.328530][ T51] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 394.349555][ T5085] usb 2-1: New USB device found, idVendor=0c45, idProduct=8001, bcdDevice=90.0a [ 394.363896][ T51] bond0 (unregistering): Released all slaves [ 394.379369][ T5085] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 394.390497][ T5085] usb 2-1: config 0 descriptor?? [ 394.406927][ T5085] gspca_main: sn9c2028-2.14.0 probing 0c45:8001 [ 394.589497][ T9597] chnl_net:caif_netlink_parms(): no params data found [ 394.605206][ T5085] gspca_sn9c2028: read1 error -32 [ 394.919919][ T9641] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1126'. [ 395.715165][ T5090] Bluetooth: hci2: command tx timeout [ 395.983804][ T51] hsr_slave_0: left promiscuous mode [ 395.996370][ T51] hsr_slave_1: left promiscuous mode [ 396.003040][ T51] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 396.022815][ T51] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 396.039319][ T51] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 396.051388][ T51] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 396.108814][ T51] veth1_macvtap: left promiscuous mode [ 396.133565][ T51] veth0_macvtap: left promiscuous mode [ 396.194007][ T51] veth1_vlan: left promiscuous mode [ 396.200141][ T51] veth0_vlan: left promiscuous mode [ 396.220429][ T9656] binder: BINDER_SET_CONTEXT_MGR already set [ 396.245081][ T9656] binder: 9654:9656 ioctl 4018620d 20000100 returned -16 [ 396.594890][ T5134] usb 5-1: new full-speed USB device number 28 using dummy_hcd [ 396.829831][ T5134] usb 5-1: config 0 has an invalid interface number: 3 but max is 0 [ 396.858621][ T5134] usb 5-1: config 0 has no interface number 0 [ 396.865954][ T5085] usb 2-1: USB disconnect, device number 31 [ 396.895331][ T5134] usb 5-1: config 0 interface 3 altsetting 0 endpoint 0x83 has invalid maxpacket 512, setting to 64 [ 396.934319][ T5134] usb 5-1: config 0 interface 3 altsetting 0 has a duplicate endpoint with address 0x3, skipping [ 396.967106][ T5134] usb 5-1: config 0 interface 3 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 4 [ 397.019511][ T5134] usb 5-1: New USB device found, idVendor=05c6, idProduct=6001, bcdDevice=c3.7b [ 397.049411][ T5134] usb 5-1: New USB device strings: Mfr=1, Product=1, SerialNumber=3 [ 397.078387][ T5134] usb 5-1: Product: syz [ 397.095425][ T5134] usb 5-1: Manufacturer: syz [ 397.103612][ T5134] usb 5-1: SerialNumber: syz [ 397.111954][ T5134] usb 5-1: config 0 descriptor?? [ 397.348724][ T51] team0 (unregistering): Port device team_slave_1 removed [ 397.405433][ T51] team0 (unregistering): Port device team_slave_0 removed [ 397.804909][ T5090] Bluetooth: hci2: command tx timeout [ 399.391367][ T5134] usb 5-1: USB disconnect, device number 28 [ 399.471694][ T9686] binder: BINDER_SET_CONTEXT_MGR already set [ 399.480720][ T9686] binder: 9683:9686 ioctl 4018620d 20000100 returned -16 [ 399.522613][ T29] kauditd_printk_skb: 20 callbacks suppressed [ 399.522631][ T29] audit: type=1326 audit(1720373474.157:1489): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9683 comm="syz.2.1140" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f152a575bd9 code=0x7ffc0000 [ 399.550387][ C1] vkms_vblank_simulate: vblank timer overrun [ 399.567535][ T29] audit: type=1326 audit(1720373474.197:1490): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9683 comm="syz.2.1140" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f152a575bd9 code=0x7ffc0000 [ 399.603579][ T29] audit: type=1326 audit(1720373474.197:1491): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9683 comm="syz.2.1140" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f152a575bd9 code=0x7ffc0000 [ 399.625578][ T5145] usb 2-1: new high-speed USB device number 32 using dummy_hcd [ 399.644087][ T29] audit: type=1326 audit(1720373474.197:1492): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9683 comm="syz.2.1140" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f152a575bd9 code=0x7ffc0000 [ 399.665659][ C1] vkms_vblank_simulate: vblank timer overrun [ 399.697846][ T29] audit: type=1326 audit(1720373474.197:1493): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9683 comm="syz.2.1140" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f152a575bd9 code=0x7ffc0000 [ 399.724587][ T29] audit: type=1326 audit(1720373474.207:1494): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9683 comm="syz.2.1140" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f152a574610 code=0x7ffc0000 [ 399.741009][ T9691] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1143'. [ 399.752184][ T29] audit: type=1326 audit(1720373474.207:1495): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9683 comm="syz.2.1140" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f152a5757db code=0x7ffc0000 [ 399.815184][ T5145] usb 2-1: Using ep0 maxpacket: 16 [ 399.833892][ T29] audit: type=1326 audit(1720373474.207:1496): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9683 comm="syz.2.1140" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f152a5757db code=0x7ffc0000 [ 399.855717][ T5133] usb 3-1: new full-speed USB device number 14 using dummy_hcd [ 399.869208][ T5145] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 33032, setting to 1024 [ 399.882179][ T5145] usb 2-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00 [ 399.896446][ T5090] Bluetooth: hci2: command tx timeout [ 399.896509][ T5145] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 399.923698][ T29] audit: type=1326 audit(1720373474.227:1497): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9683 comm="syz.2.1140" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f152a5757db code=0x7ffc0000 [ 399.953074][ T9597] bridge0: port 1(bridge_slave_0) entered blocking state [ 399.981711][ T29] audit: type=1326 audit(1720373474.227:1498): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9683 comm="syz.2.1140" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f152a5757db code=0x7ffc0000 [ 400.016197][ T5145] usb 2-1: config 0 descriptor?? [ 400.031051][ T9597] bridge0: port 1(bridge_slave_0) entered disabled state [ 400.062569][ T9597] bridge_slave_0: entered allmulticast mode [ 400.077915][ T5133] usb 3-1: config 0 has an invalid interface number: 3 but max is 0 [ 400.107020][ T9597] bridge_slave_0: entered promiscuous mode [ 400.113217][ T5133] usb 3-1: config 0 has no interface number 0 [ 400.140195][ T5133] usb 3-1: config 0 interface 3 altsetting 0 endpoint 0x83 has invalid maxpacket 512, setting to 64 [ 400.161136][ T5133] usb 3-1: config 0 interface 3 altsetting 0 has a duplicate endpoint with address 0x3, skipping [ 400.179551][ T5133] usb 3-1: config 0 interface 3 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 4 [ 400.240808][ T5133] usb 3-1: New USB device found, idVendor=05c6, idProduct=6001, bcdDevice=c3.7b [ 400.241395][ T9597] bridge0: port 2(bridge_slave_1) entered blocking state [ 400.262937][ T9597] bridge0: port 2(bridge_slave_1) entered disabled state [ 400.293206][ T5133] usb 3-1: New USB device strings: Mfr=1, Product=1, SerialNumber=3 [ 400.302266][ T9597] bridge_slave_1: entered allmulticast mode [ 400.310210][ T9597] bridge_slave_1: entered promiscuous mode [ 400.333248][ T5133] usb 3-1: Product: syz [ 400.398814][ T5133] usb 3-1: Manufacturer: syz [ 400.439257][ T9698] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1145'. [ 400.478042][ T9682] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 400.487512][ T5133] usb 3-1: SerialNumber: syz [ 400.493401][ T9597] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 400.502875][ T9682] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 400.513429][ T5133] usb 3-1: config 0 descriptor?? [ 400.537094][ T9597] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 400.550275][ T5145] hid (null): report_id 2838798905 is invalid [ 400.577409][ T5145] hid (null): unknown global tag 0xc [ 400.598904][ T5145] hid (null): unknown global tag 0xa5 [ 400.615599][ T5145] hid (null): unknown global tag 0xd [ 400.624531][ T5145] hid (null): unknown global tag 0xc [ 400.715065][ T5145] hid-generic 0003:0158:0100.000C: unknown main item tag 0x1 [ 400.741776][ T9597] team0: Port device team_slave_0 added [ 400.753654][ T5145] hid-generic 0003:0158:0100.000C: unexpected long global item [ 400.787876][ T9597] team0: Port device team_slave_1 added [ 400.796184][ T5145] hid-generic 0003:0158:0100.000C: probe with driver hid-generic failed with error -22 [ 400.871615][ T5145] usb 2-1: USB disconnect, device number 32 [ 400.925286][ T9597] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 400.954896][ T9597] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 401.040294][ T9597] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 401.118277][ T9597] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 401.151759][ T9597] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 401.214581][ T9597] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 401.295817][ T51] IPVS: stop unused estimator thread 0... [ 401.481698][ T9597] hsr_slave_0: entered promiscuous mode [ 401.506002][ T9597] hsr_slave_1: entered promiscuous mode [ 401.563264][ T9597] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 401.573329][ T9597] Cannot create hsr debugfs directory [ 401.793561][ T5090] Bluetooth: hci0: unexpected event 0x04 length: 11 > 10 [ 403.135027][ T5134] usb 3-1: USB disconnect, device number 14 [ 403.875891][ T5090] Bluetooth: hci0: command tx timeout [ 404.245031][ T9733] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1155'. [ 404.248877][ T9730] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1157'. [ 404.254541][ T9597] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 404.317610][ T9597] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 404.341118][ T9597] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 404.366556][ T9597] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 404.544408][ T5085] usb 2-1: new high-speed USB device number 33 using dummy_hcd [ 404.558195][ T9597] 8021q: adding VLAN 0 to HW filter on device bond0 [ 404.608962][ T9597] 8021q: adding VLAN 0 to HW filter on device team0 [ 404.639212][ T5145] bridge0: port 1(bridge_slave_0) entered blocking state [ 404.646422][ T5145] bridge0: port 1(bridge_slave_0) entered forwarding state [ 404.675761][ T5145] bridge0: port 2(bridge_slave_1) entered blocking state [ 404.682900][ T5145] bridge0: port 2(bridge_slave_1) entered forwarding state [ 404.808854][ T5085] usb 2-1: Using ep0 maxpacket: 16 [ 404.826994][ T5085] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 33032, setting to 1024 [ 404.968754][ T5085] usb 2-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00 [ 404.978447][ T5085] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 404.989059][ T5085] usb 2-1: config 0 descriptor?? [ 405.429901][ T9734] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 405.517207][ T9734] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 405.558720][ T5085] hid (null): report_id 2838798905 is invalid [ 405.579358][ T5085] hid (null): unknown global tag 0xc [ 405.610020][ T5085] hid (null): unknown global tag 0xa5 [ 405.632763][ T9597] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 405.640845][ T5085] hid (null): unknown global tag 0xd [ 405.654795][ T5085] hid (null): unknown global tag 0xc [ 405.663199][ T5085] hid-generic 0003:0158:0100.000D: unknown main item tag 0x1 [ 405.704480][ T5085] hid-generic 0003:0158:0100.000D: unexpected long global item [ 405.712796][ T5085] hid-generic 0003:0158:0100.000D: probe with driver hid-generic failed with error -22 [ 405.750346][ T9597] veth0_vlan: entered promiscuous mode [ 405.808952][ T9597] veth1_vlan: entered promiscuous mode [ 405.852546][ T5134] usb 2-1: USB disconnect, device number 33 [ 406.453268][ T9597] veth0_macvtap: entered promiscuous mode [ 406.499488][ T9597] veth1_macvtap: entered promiscuous mode [ 406.590352][ T9597] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 406.621287][ T9597] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 406.702386][ T9597] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 406.718522][ T9597] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 406.731247][ T9597] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 406.747186][ T9597] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 406.757362][ T9597] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 406.768663][ T9597] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 406.787877][ T9597] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 406.819648][ T9597] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 406.841899][ T9597] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 406.871709][ T9597] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 406.920144][ T9597] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 406.931910][ T9597] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 406.977733][ T9597] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 407.008882][ T9597] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 407.032248][ T9597] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 407.072073][ T9597] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 407.145417][ T9597] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 407.155759][ T9597] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 407.166486][ T9759] binder: BINDER_SET_CONTEXT_MGR already set [ 407.172710][ T9597] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 407.181799][ T9759] binder: 9757:9759 ioctl 4018620d 20000100 returned -16 [ 407.189278][ T9597] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 407.209341][ T29] kauditd_printk_skb: 32 callbacks suppressed [ 407.209354][ T29] audit: type=1326 audit(1720373481.847:1531): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9757 comm="syz.4.1162" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f43fad75bd9 code=0x7ffc0000 [ 407.237118][ C1] vkms_vblank_simulate: vblank timer overrun [ 407.275845][ T29] audit: type=1326 audit(1720373481.897:1532): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9757 comm="syz.4.1162" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f43fad75bd9 code=0x7ffc0000 [ 407.307772][ T29] audit: type=1326 audit(1720373481.897:1533): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9757 comm="syz.4.1162" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f43fad75bd9 code=0x7ffc0000 [ 407.390262][ T29] audit: type=1326 audit(1720373481.897:1534): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9757 comm="syz.4.1162" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f43fad75bd9 code=0x7ffc0000 [ 407.478252][ T29] audit: type=1326 audit(1720373481.897:1535): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9757 comm="syz.4.1162" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f43fad75bd9 code=0x7ffc0000 [ 407.570345][ T29] audit: type=1326 audit(1720373481.907:1536): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9757 comm="syz.4.1162" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f43fad74610 code=0x7ffc0000 [ 407.591989][ C1] vkms_vblank_simulate: vblank timer overrun [ 407.594549][ T5131] usb 5-1: new full-speed USB device number 29 using dummy_hcd [ 407.621322][ T7621] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 407.641850][ T7621] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 407.662230][ T29] audit: type=1326 audit(1720373481.907:1537): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9757 comm="syz.4.1162" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f43fad757db code=0x7ffc0000 [ 407.733715][ T29] audit: type=1326 audit(1720373481.907:1538): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9757 comm="syz.4.1162" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f43fad757db code=0x7ffc0000 [ 407.739823][ T5995] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 407.755341][ C1] vkms_vblank_simulate: vblank timer overrun [ 407.764632][ T29] audit: type=1326 audit(1720373481.907:1539): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9757 comm="syz.4.1162" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f43fad757db code=0x7ffc0000 [ 407.790848][ C1] vkms_vblank_simulate: vblank timer overrun [ 407.936874][ T29] audit: type=1326 audit(1720373481.907:1540): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9757 comm="syz.4.1162" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f43fad757db code=0x7ffc0000 [ 407.958333][ C1] vkms_vblank_simulate: vblank timer overrun [ 407.972684][ T5131] usb 5-1: config 0 has an invalid interface number: 3 but max is 0 [ 407.978215][ T5995] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 408.764693][ T5131] usb 5-1: config 0 has no interface number 0 [ 408.833280][ T5131] usb 5-1: config 0 interface 3 altsetting 0 endpoint 0x83 has invalid maxpacket 512, setting to 64 [ 408.851988][ T9776] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1167'. [ 408.869436][ T5131] usb 5-1: config 0 interface 3 altsetting 0 has a duplicate endpoint with address 0x3, skipping [ 408.903251][ T5131] usb 5-1: config 0 interface 3 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 4 [ 408.971759][ T5131] usb 5-1: New USB device found, idVendor=05c6, idProduct=6001, bcdDevice=c3.7b [ 408.992565][ T5131] usb 5-1: New USB device strings: Mfr=1, Product=1, SerialNumber=3 [ 409.016239][ T5131] usb 5-1: Product: syz [ 409.030331][ T5131] usb 5-1: Manufacturer: syz [ 409.070331][ T5131] usb 5-1: SerialNumber: syz [ 409.233545][ T5131] usb 5-1: config 0 descriptor?? [ 410.148857][ T5145] usb 5-1: USB disconnect, device number 29 [ 410.292173][ T9798] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1171'. [ 410.438916][ T9801] netlink: 'syz.2.1172': attribute type 6 has an invalid length. [ 411.635199][ T5145] usb 3-1: new high-speed USB device number 15 using dummy_hcd [ 411.814453][ T5131] usb 5-1: new high-speed USB device number 30 using dummy_hcd [ 411.869830][ T5145] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 411.967079][ T5145] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 411.999755][ T5145] usb 3-1: New USB device found, idVendor=1d34, idProduct=000a, bcdDevice= 0.00 [ 412.032935][ T5145] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 412.059240][ T5131] usb 5-1: New USB device found, idVendor=0c45, idProduct=8001, bcdDevice=90.0a [ 412.087890][ T5145] usb 3-1: config 0 descriptor?? [ 412.114466][ T5131] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 412.191744][ T5131] usb 5-1: config 0 descriptor?? [ 412.227756][ T5131] gspca_main: sn9c2028-2.14.0 probing 0c45:8001 [ 412.437948][ T5131] gspca_sn9c2028: read1 error -32 [ 412.741651][ T5145] hid-led 0003:1D34:000A.000E: unknown main item tag 0x0 [ 413.500549][ T5145] hid-led 0003:1D34:000A.000E: hidraw0: USB HID v0.00 Device [HID 1d34:000a] on usb-dummy_hcd.2-1/input0 [ 413.569239][ T5145] hid-led 0003:1D34:000A.000E: Dream Cheeky Webmail Notifier initialized [ 414.335061][ T5131] usb 5-1: USB disconnect, device number 30 [ 414.687450][ T9828] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 415.101399][ T5145] usb 3-1: USB disconnect, device number 15 [ 416.163648][ T9848] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1188'. [ 417.161461][ T9857] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1189'. [ 417.329473][ T9856] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 417.674571][ T5131] usb 3-1: new high-speed USB device number 16 using dummy_hcd [ 417.901486][ T5131] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 417.953488][ T5131] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 418.085189][ T5131] usb 3-1: config 1 has no interface number 0 [ 418.091324][ T5131] usb 3-1: config 1 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 418.102865][ T5131] usb 3-1: Duplicate descriptor for config 1 interface 1 altsetting 0, skipping [ 418.117945][ T5131] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 418.146200][ T5131] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 418.266871][ T5131] usb 3-1: Product: syz [ 418.271093][ T5131] usb 3-1: Manufacturer: syz [ 418.280301][ T5131] usb 3-1: SerialNumber: syz [ 418.295096][ T5131] usb 3-1: selecting invalid altsetting 1 [ 419.293795][ T5090] Bluetooth: hci2: unexpected event 0x04 length: 11 > 10 [ 419.383240][ T5131] cdc_ncm 3-1:1.1: failed GET_NTB_PARAMETERS [ 419.425949][ T5131] cdc_ncm 3-1:1.1: bind() failure [ 419.457552][ T5085] usb 4-1: new high-speed USB device number 31 using dummy_hcd [ 419.644475][ T5085] usb 4-1: Using ep0 maxpacket: 32 [ 419.662640][ T5085] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 419.686771][ T5085] usb 4-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 419.707946][ T5085] usb 4-1: New USB device found, idVendor=041e, idProduct=400b, bcdDevice=3e.e7 [ 419.725094][ T5085] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 419.754578][ T5085] usb 4-1: config 0 descriptor?? [ 421.052034][ T5129] usb 3-1: USB disconnect, device number 16 [ 421.254619][ T9895] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 421.308193][ T9905] overlayfs: upper fs does not support RENAME_WHITEOUT. [ 421.316500][ T9905] overlayfs: failed to set xattr on upper [ 421.317946][ T5090] Bluetooth: hci2: command tx timeout [ 421.322227][ T9905] overlayfs: ...falling back to redirect_dir=nofollow. [ 421.322259][ T9905] overlayfs: ...falling back to index=off. [ 421.322275][ T9905] overlayfs: ...falling back to uuid=null. [ 421.333419][ T9905] 9pnet_fd: Insufficient options for proto=fd [ 421.561177][ T9915] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 421.693495][ T9920] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1212'. [ 422.994427][ T929] usb 2-1: new high-speed USB device number 34 using dummy_hcd [ 423.224356][ T929] usb 2-1: Using ep0 maxpacket: 16 [ 423.261985][ T929] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 33032, setting to 1024 [ 423.300417][ T929] usb 2-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00 [ 423.312865][ T929] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 423.363483][ T929] usb 2-1: config 0 descriptor?? [ 423.804663][ T9929] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 423.813197][ T5129] usb 4-1: USB disconnect, device number 31 [ 423.815064][ T9929] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 423.898316][ T929] hid (null): report_id 2838798905 is invalid [ 423.911610][ T9937] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1216'. [ 423.928063][ T929] hid (null): unknown global tag 0xc [ 423.937630][ T929] hid (null): unknown global tag 0xa5 [ 423.943375][ T929] hid (null): unknown global tag 0xd [ 423.952756][ T929] hid (null): unknown global tag 0xc [ 423.981087][ T929] hid-generic 0003:0158:0100.000F: unknown main item tag 0x1 [ 423.989533][ T929] hid-generic 0003:0158:0100.000F: unexpected long global item [ 424.031290][ T929] hid-generic 0003:0158:0100.000F: probe with driver hid-generic failed with error -22 [ 424.138537][ T929] usb 2-1: USB disconnect, device number 34 [ 424.350586][ T9950] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 425.026004][ T9964] overlayfs: conflicting options: nfs_export=on,metacopy=on [ 425.071479][ T9964] mac80211_hwsim hwsim22 wlan0: entered promiscuous mode [ 425.083571][ T9964] mac80211_hwsim hwsim22 wlan0: left promiscuous mode [ 425.200343][ T9972] warning: `syz.3.1227' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 425.249452][ T25] usb 1-1: new high-speed USB device number 25 using dummy_hcd [ 425.276448][ T929] usb 3-1: new high-speed USB device number 17 using dummy_hcd [ 426.245143][ T929] usb 3-1: Using ep0 maxpacket: 8 [ 426.256089][ T25] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 426.267951][ T25] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 426.268279][ T929] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 426.289104][ T25] usb 1-1: New USB device found, idVendor=056a, idProduct=00f8, bcdDevice= 4.00 [ 426.292615][ T9977] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 426.305850][ T25] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 426.315124][ T929] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 426.328626][ T929] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 255 [ 426.339768][ T25] usb 1-1: config 0 descriptor?? [ 426.346748][ T929] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 426.363748][ T929] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 426.373132][ T929] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 426.440172][ T9981] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1230'. [ 426.610781][ T929] usb 3-1: GET_CAPABILITIES returned 0 [ 426.709906][ T929] usbtmc 3-1:16.0: can't read capabilities [ 426.776933][ T25] wacom 0003:056A:00F8.0010: hidraw0: USB HID v0.00 Device [HID 056a:00f8] on usb-dummy_hcd.0-1/input0 [ 426.820701][ T5129] usb 3-1: USB disconnect, device number 17 [ 426.950118][ T9991] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1234'. [ 427.299444][ T5131] usb 1-1: USB disconnect, device number 25 [ 427.486694][ T9995] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 427.847612][T10000] FAULT_INJECTION: forcing a failure. [ 427.847612][T10000] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 427.870878][T10000] CPU: 0 PID: 10000 Comm: syz.2.1237 Not tainted 6.10.0-rc6-syzkaller-00223-gc6653f49e4fd #0 [ 427.881078][T10000] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 427.891146][T10000] Call Trace: [ 427.894437][T10000] [ 427.897375][T10000] dump_stack_lvl+0x241/0x360 [ 427.902099][T10000] ? __pfx_dump_stack_lvl+0x10/0x10 [ 427.907325][T10000] ? __pfx__printk+0x10/0x10 [ 427.911944][T10000] ? __pfx_lock_release+0x10/0x10 [ 427.917004][T10000] should_fail_ex+0x3b0/0x4e0 [ 427.921710][T10000] _copy_from_user+0x2f/0xe0 [ 427.926412][T10000] do_ipv6_setsockopt+0x2f1/0x3630 [ 427.931558][T10000] ? __pfx_do_ipv6_setsockopt+0x10/0x10 [ 427.937142][T10000] ? __pfx_lock_acquire+0x10/0x10 [ 427.942185][T10000] ? get_pid_task+0x23/0x1f0 [ 427.946793][T10000] ? __pfx_lock_release+0x10/0x10 [ 427.951832][T10000] ? kstrtouint_from_user+0x128/0x190 [ 427.957241][T10000] ? mark_lock+0x9a/0x350 [ 427.961595][T10000] ? __lock_acquire+0x1346/0x1fd0 [ 427.966662][T10000] ipv6_setsockopt+0x5c/0x1a0 [ 427.971366][T10000] rawv6_setsockopt+0x327/0x740 [ 427.976239][T10000] ? __pfx_rawv6_setsockopt+0x10/0x10 [ 427.981632][T10000] ? __fget_files+0x29/0x470 [ 427.986237][T10000] ? __mutex_unlock_slowpath+0x21d/0x750 [ 427.992051][T10000] ? sock_common_setsockopt+0x37/0xc0 [ 427.997422][T10000] ? __pfx_sock_common_setsockopt+0x10/0x10 [ 428.003333][T10000] do_sock_setsockopt+0x3af/0x720 [ 428.008367][T10000] ? __pfx_do_sock_setsockopt+0x10/0x10 [ 428.013938][T10000] ? __fget_files+0x29/0x470 [ 428.018524][T10000] ? __fget_files+0x3f6/0x470 [ 428.023217][T10000] __sys_setsockopt+0x1ae/0x250 [ 428.028067][T10000] __x64_sys_setsockopt+0xb5/0xd0 [ 428.033088][T10000] do_syscall_64+0xf3/0x230 [ 428.037603][T10000] ? clear_bhb_loop+0x35/0x90 [ 428.042293][T10000] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 428.048182][T10000] RIP: 0033:0x7f152a575bd9 [ 428.052679][T10000] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 428.072281][T10000] RSP: 002b:00007f1529fff048 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 428.080698][T10000] RAX: ffffffffffffffda RBX: 00007f152a703f60 RCX: 00007f152a575bd9 [ 428.088669][T10000] RDX: 0000000000000048 RSI: 0000000000000029 RDI: 0000000000000003 [ 428.096647][T10000] RBP: 00007f1529fff0a0 R08: 0000000000000004 R09: 0000000000000000 [ 428.104728][T10000] R10: 0000000020000400 R11: 0000000000000246 R12: 0000000000000001 [ 428.112743][T10000] R13: 000000000000000b R14: 00007f152a703f60 R15: 00007fff71511c98 [ 428.120732][T10000] [ 429.103672][ T35] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 429.371446][ T35] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 429.465869][ T35] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 429.659221][ T35] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 429.722775][ T5088] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 429.732193][ T5088] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 429.740722][ T5088] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 429.784569][ T5088] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 429.793496][ T5088] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 429.801182][ T5088] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 429.934774][ T29] kauditd_printk_skb: 27 callbacks suppressed [ 429.934791][ T29] audit: type=1326 audit(1720373504.577:1568): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10012 comm="syz.2.1241" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f152a575bd9 code=0x0 [ 430.156964][ T5129] usb 2-1: new high-speed USB device number 35 using dummy_hcd [ 430.210317][ T35] bridge_slave_1: left allmulticast mode [ 430.235733][ T35] bridge_slave_1: left promiscuous mode [ 430.244877][ T35] bridge0: port 2(bridge_slave_1) entered disabled state [ 430.306156][ T35] bridge_slave_0: left allmulticast mode [ 430.331700][ T35] bridge_slave_0: left promiscuous mode [ 430.374406][ T5129] usb 2-1: Using ep0 maxpacket: 8 [ 430.379678][ T35] bridge0: port 1(bridge_slave_0) entered disabled state [ 430.405535][ T5129] usb 2-1: config index 0 descriptor too short (expected 301, got 45) [ 430.424121][ T5129] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 430.441635][ T5129] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 430.472781][ T5129] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 430.502752][ T5129] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 430.532432][ T5129] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 430.553569][ T5129] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 430.781667][ T5129] usb 2-1: usb_control_msg returned -32 [ 430.788507][ T5129] usbtmc 2-1:16.0: can't read capabilities [ 431.841284][T10036] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 431.882837][ T5088] Bluetooth: hci2: command tx timeout [ 432.039174][ T5129] usb 5-1: new high-speed USB device number 31 using dummy_hcd [ 432.268820][ T5129] usb 5-1: Using ep0 maxpacket: 16 [ 432.313512][ T5129] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 33032, setting to 1024 [ 432.331900][ T5129] usb 5-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00 [ 432.341783][ T5129] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 432.364954][ T35] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 432.376255][ T5129] usb 5-1: config 0 descriptor?? [ 432.388700][ T35] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 432.401652][ T35] bond0 (unregistering): Released all slaves [ 432.426340][ T5145] usb 3-1: new high-speed USB device number 18 using dummy_hcd [ 432.551619][T10015] chnl_net:caif_netlink_parms(): no params data found [ 432.775403][ T5145] usb 3-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=96.33 [ 432.863565][ T5145] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 432.952834][T10041] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 433.038927][ T5145] usb 3-1: config 0 descriptor?? [ 433.068555][T10041] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 433.435041][ T5129] hid (null): report_id 2838798905 is invalid [ 433.441183][ T5129] hid (null): unknown global tag 0xc [ 433.475006][ T5133] usb 2-1: USB disconnect, device number 35 [ 433.546622][ T5129] hid (null): unknown global tag 0xa5 [ 433.552073][ T5129] hid (null): unknown global tag 0xd [ 433.559380][ T5129] hid (null): unknown global tag 0xc [ 433.567512][ T5129] hid-generic 0003:0158:0100.0011: unknown main item tag 0x1 [ 433.584341][ T5129] hid-generic 0003:0158:0100.0011: unexpected long global item [ 433.592641][ T5129] hid-generic 0003:0158:0100.0011: probe with driver hid-generic failed with error -22 [ 433.623094][ T5129] usb 5-1: USB disconnect, device number 31 [ 433.719294][ T5145] usb 3-1: Cannot read MAC address [ 433.815913][T10061] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1254'. [ 433.825704][ T5145] MOSCHIP usb-ethernet driver 3-1:0.0: probe with driver MOSCHIP usb-ethernet driver failed with error -61 [ 433.838816][T10015] bridge0: port 1(bridge_slave_0) entered blocking state [ 433.850257][T10015] bridge0: port 1(bridge_slave_0) entered disabled state [ 433.955709][ T5088] Bluetooth: hci2: command tx timeout [ 433.967878][T10015] bridge_slave_0: entered allmulticast mode [ 433.981770][T10015] bridge_slave_0: entered promiscuous mode [ 434.587738][ T35] hsr_slave_0: left promiscuous mode [ 434.625012][ T35] hsr_slave_1: left promiscuous mode [ 434.640708][ T35] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 434.654110][ T35] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 434.704506][ T35] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 434.730370][ T35] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 434.792376][ T35] veth1_macvtap: left promiscuous mode [ 434.809335][ T35] veth0_macvtap: left promiscuous mode [ 434.824200][ T35] veth1_vlan: left promiscuous mode [ 434.850602][ T35] veth0_vlan: left promiscuous mode [ 435.143901][ T25] usb 3-1: USB disconnect, device number 18 [ 435.276450][ T5134] usb 5-1: new high-speed USB device number 32 using dummy_hcd [ 435.492578][ T5134] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 435.516017][ T5134] usb 5-1: config 0 has no interfaces? [ 435.526137][ T5134] usb 5-1: New USB device found, idVendor=056a, idProduct=4001, bcdDevice= 0.00 [ 435.551581][ T5134] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 435.579449][ T5134] usb 5-1: config 0 descriptor?? [ 436.034451][ T5088] Bluetooth: hci2: command tx timeout [ 436.169134][ T35] team0 (unregistering): Port device team_slave_1 removed [ 436.279173][ T35] team0 (unregistering): Port device team_slave_0 removed [ 436.315688][T10089] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 436.708897][ T5131] usb 5-1: USB disconnect, device number 32 [ 439.206190][ T5088] Bluetooth: hci2: command tx timeout [ 439.491540][T10015] bridge0: port 2(bridge_slave_1) entered blocking state [ 439.510533][T10015] bridge0: port 2(bridge_slave_1) entered disabled state [ 439.538027][T10015] bridge_slave_1: entered allmulticast mode [ 439.605870][T10015] bridge_slave_1: entered promiscuous mode [ 440.364886][ T1249] ieee802154 phy0 wpan0: encryption failed: -22 [ 440.371231][ T1249] ieee802154 phy1 wpan1: encryption failed: -22 [ 440.457247][T10015] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 440.505303][T10126] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1271'. [ 440.512014][T10015] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 440.606485][T10015] team0: Port device team_slave_0 added [ 440.682937][T10015] team0: Port device team_slave_1 added [ 440.836096][T10135] netlink: 332 bytes leftover after parsing attributes in process `syz.3.1275'. [ 440.836723][T10015] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 440.858455][T10015] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 440.897741][T10135] netlink: 652 bytes leftover after parsing attributes in process `syz.3.1275'. [ 440.942644][T10015] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 440.988768][T10015] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 441.000143][T10015] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 441.026231][ C1] vkms_vblank_simulate: vblank timer overrun [ 441.071232][T10015] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 441.326222][T10015] hsr_slave_0: entered promiscuous mode [ 441.343708][T10015] hsr_slave_1: entered promiscuous mode [ 441.370942][T10015] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 441.381466][T10015] Cannot create hsr debugfs directory [ 441.574400][ T5145] usb 4-1: new high-speed USB device number 32 using dummy_hcd [ 441.759282][T10150] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1280'. [ 441.784377][ T5145] usb 4-1: Using ep0 maxpacket: 32 [ 441.794096][ T5145] usb 4-1: config index 0 descriptor too short (expected 29220, got 36) [ 441.804930][ T5145] usb 4-1: config 0 has too many interfaces: 81, using maximum allowed: 32 [ 441.813926][ T5145] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 81 [ 441.827229][ T5145] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 441.947527][ T5085] usb 3-1: new high-speed USB device number 19 using dummy_hcd [ 441.975427][ T5145] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 441.985355][ T5145] usb 4-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 441.998630][ T5145] usb 4-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 442.007879][ T5145] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 442.812517][ T5145] usb 4-1: config 0 descriptor?? [ 442.883492][ T5085] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 442.914943][ T5085] usb 3-1: config 0 has no interfaces? [ 442.933576][ T5085] usb 3-1: New USB device found, idVendor=056a, idProduct=4001, bcdDevice= 0.00 [ 442.960969][ T5085] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 443.003494][ T5085] usb 3-1: config 0 descriptor?? [ 443.047269][ T5145] usblp 4-1:0.0: usblp0: USB Bidirectional printer dev 32 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17 [ 443.057341][T10015] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 443.093478][T10015] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 443.097834][ T5145] usb 4-1: USB disconnect, device number 32 [ 443.119684][T10015] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 443.120255][ T5145] usblp0: removed [ 443.152202][T10015] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 443.490992][T10015] 8021q: adding VLAN 0 to HW filter on device bond0 [ 443.525258][T10015] 8021q: adding VLAN 0 to HW filter on device team0 [ 443.554881][ T5134] bridge0: port 1(bridge_slave_0) entered blocking state [ 443.562052][ T5134] bridge0: port 1(bridge_slave_0) entered forwarding state [ 443.610373][ T5134] bridge0: port 2(bridge_slave_1) entered blocking state [ 443.617629][ T5134] bridge0: port 2(bridge_slave_1) entered forwarding state [ 443.714783][ T5085] usb 2-1: new high-speed USB device number 36 using dummy_hcd [ 443.904673][ T5085] usb 2-1: Using ep0 maxpacket: 8 [ 443.914677][ T5085] usb 2-1: config index 0 descriptor too short (expected 301, got 45) [ 443.945639][ T5085] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 443.994620][ T5085] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 444.020996][ T5085] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 444.049857][ T5085] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 444.082906][ T5085] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 444.112425][ T5085] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 444.154601][ T5145] usb 4-1: new high-speed USB device number 33 using dummy_hcd [ 444.258328][T10015] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 444.317180][ T5133] usb 3-1: USB disconnect, device number 19 [ 444.358609][ T5145] usb 4-1: device descriptor read/64, error -71 [ 444.383381][ T5085] usb 2-1: usb_control_msg returned -32 [ 444.402663][ T5085] usbtmc 2-1:16.0: can't read capabilities [ 444.456424][T10015] veth0_vlan: entered promiscuous mode [ 444.483616][T10015] veth1_vlan: entered promiscuous mode [ 444.545403][T10015] veth0_macvtap: entered promiscuous mode [ 444.569275][T10015] veth1_macvtap: entered promiscuous mode [ 444.602040][T10015] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 444.634219][T10015] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 444.644179][T10015] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 444.664380][ T5145] usb 4-1: new high-speed USB device number 34 using dummy_hcd [ 444.681289][T10015] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 444.708002][T10015] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 444.726035][T10015] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 444.791104][T10015] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 444.812235][T10015] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 444.825690][T10015] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 444.884425][ T5145] usb 4-1: device descriptor read/64, error -71 [ 444.885336][T10015] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 444.907819][T10015] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 444.927928][T10015] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 444.942129][T10015] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 444.953229][T10015] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 444.968746][T10015] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 444.979832][T10015] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 445.007867][T10015] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 445.022943][T10015] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 445.024912][ T5145] usb usb4-port1: attempt power cycle [ 445.042971][T10015] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 445.056629][T10015] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 445.070279][ T5145] ================================================================== [ 445.078452][ T5145] BUG: KASAN: slab-use-after-free in raw_queue_event+0x299/0x2e0 [ 445.079504][T10015] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 445.086176][ T5145] Read of size 4 at addr ffff888066f5c978 by task kworker/1:6/5145 [ 445.086194][ T5145] [ 445.086201][ T5145] CPU: 1 PID: 5145 Comm: kworker/1:6 Not tainted 6.10.0-rc6-syzkaller-00223-gc6653f49e4fd #0 [ 445.086220][ T5145] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 445.086233][ T5145] Workqueue: usb_hub_wq hub_event [ 445.086256][ T5145] Call Trace: [ 445.086265][ T5145] [ 445.086272][ T5145] dump_stack_lvl+0x241/0x360 [ 445.104180][T10015] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 445.105110][ T5145] ? __pfx_dump_stack_lvl+0x10/0x10 [ 445.105142][ T5145] ? __pfx__printk+0x10/0x10 [ 445.105165][ T5145] ? _printk+0xd5/0x120 [ 445.105189][ T5145] ? __virt_addr_valid+0x183/0x520 [ 445.168859][ T5145] ? __virt_addr_valid+0x183/0x520 [ 445.173974][ T5145] print_report+0x169/0x550 [ 445.178470][ T5145] ? __virt_addr_valid+0x183/0x520 [ 445.183571][ T5145] ? __virt_addr_valid+0x183/0x520 [ 445.188669][ T5145] ? __virt_addr_valid+0x44e/0x520 [ 445.193771][ T5145] ? __phys_addr+0xba/0x170 [ 445.198265][ T5145] ? raw_queue_event+0x299/0x2e0 [ 445.203197][ T5145] kasan_report+0x143/0x180 [ 445.207687][ T5145] ? raw_queue_event+0x299/0x2e0 [ 445.212618][ T5145] raw_queue_event+0x299/0x2e0 [ 445.217376][ T5145] gadget_disconnect+0x50/0xb0 [ 445.222135][ T5145] set_link_state+0xc81/0x1200 [ 445.226892][ T5145] dummy_hub_control+0xb86/0x1b10 [ 445.231910][ T5145] ? __kmalloc_noprof+0x217/0x400 [ 445.236929][ T5145] usb_hcd_submit_urb+0xffc/0x1e80 [ 445.242038][ T5145] ? lockdep_init_map_type+0xa1/0x910 [ 445.247397][ T5145] ? __pfx_usb_hcd_submit_urb+0x10/0x10 [ 445.252931][ T5145] ? __pfx_lockdep_init_map_type+0x10/0x10 [ 445.258729][ T5145] ? usb_submit_urb+0xe85/0x18c0 [ 445.263682][ T5145] usb_start_wait_urb+0x113/0x520 [ 445.268718][ T5145] ? __pfx_usb_start_wait_urb+0x10/0x10 [ 445.274264][ T5145] ? __kmalloc_noprof+0x217/0x400 [ 445.279290][ T5145] usb_control_msg+0x2b1/0x4c0 [ 445.284050][ T5145] ? __pfx_usb_control_msg+0x10/0x10 [ 445.289339][ T5145] ? kfree+0x149/0x360 [ 445.293420][ T5145] hub_event+0x30f2/0x5150 [ 445.297855][ T5145] ? __pfx_hub_event+0x10/0x10 [ 445.302606][ T5145] ? __pfx_lock_acquire+0x10/0x10 [ 445.307620][ T5145] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 445.313592][ T5145] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 445.319928][ T5145] ? process_scheduled_works+0x945/0x1830 [ 445.325649][ T5145] process_scheduled_works+0xa2c/0x1830 [ 445.331214][ T5145] ? __pfx_process_scheduled_works+0x10/0x10 [ 445.337202][ T5145] ? assign_work+0x364/0x3d0 [ 445.341793][ T5145] worker_thread+0x86d/0xd50 [ 445.346387][ T5145] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 445.352280][ T5145] ? __kthread_parkme+0x169/0x1d0 [ 445.357302][ T5145] ? __pfx_worker_thread+0x10/0x10 [ 445.362511][ T5145] kthread+0x2f0/0x390 [ 445.366588][ T5145] ? __pfx_worker_thread+0x10/0x10 [ 445.371697][ T5145] ? __pfx_kthread+0x10/0x10 [ 445.376283][ T5145] ret_from_fork+0x4b/0x80 [ 445.380697][ T5145] ? __pfx_kthread+0x10/0x10 [ 445.385453][ T5145] ret_from_fork_asm+0x1a/0x30 [ 445.390222][ T5145] [ 445.393225][ T5145] [ 445.395532][ T5145] Allocated by task 10173: [ 445.399950][ T5145] kasan_save_track+0x3f/0x80 [ 445.404627][ T5145] __kasan_kmalloc+0x98/0xb0 [ 445.409221][ T5145] kmalloc_trace_noprof+0x19c/0x2c0 [ 445.414420][ T5145] raw_open+0x8c/0x4d0 [ 445.418510][ T5145] misc_open+0x313/0x390 [ 445.422786][ T5145] chrdev_open+0x5b0/0x630 [ 445.427199][ T5145] do_dentry_open+0x970/0x1450 [ 445.431954][ T5145] vfs_open+0x3e/0x330 [ 445.436014][ T5145] path_openat+0x2c01/0x35f0 [ 445.440601][ T5145] do_filp_open+0x235/0x490 [ 445.445095][ T5145] do_sys_openat2+0x13e/0x1d0 [ 445.449762][ T5145] __x64_sys_openat+0x247/0x2a0 [ 445.454607][ T5145] do_syscall_64+0xf3/0x230 [ 445.459114][ T5145] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 445.465009][ T5145] [ 445.467321][ T5145] Freed by task 10139: [ 445.471395][ T5145] kasan_save_track+0x3f/0x80 [ 445.476070][ T5145] kasan_save_free_info+0x40/0x50 [ 445.481109][ T5145] poison_slab_object+0xe0/0x150 [ 445.486055][ T5145] __kasan_slab_free+0x37/0x60 [ 445.490817][ T5145] kfree+0x149/0x360 [ 445.494708][ T5145] raw_release+0x138/0x1e0 [ 445.499121][ T5145] __fput+0x24a/0x8a0 [ 445.503093][ T5145] task_work_run+0x24f/0x310 [ 445.507674][ T5145] do_exit+0xa27/0x27e0 [ 445.511825][ T5145] do_group_exit+0x207/0x2c0 [ 445.516413][ T5145] get_signal+0x16a1/0x1740 [ 445.520909][ T5145] arch_do_signal_or_restart+0x96/0x860 [ 445.526443][ T5145] syscall_exit_to_user_mode+0xc9/0x360 [ 445.531981][ T5145] do_syscall_64+0x100/0x230 [ 445.536563][ T5145] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 445.542455][ T5145] [ 445.544767][ T5145] The buggy address belongs to the object at ffff888066f5c000 [ 445.544767][ T5145] which belongs to the cache kmalloc-4k of size 4096 [ 445.558806][ T5145] The buggy address is located 2424 bytes inside of [ 445.558806][ T5145] freed 4096-byte region [ffff888066f5c000, ffff888066f5d000) [ 445.572766][ T5145] [ 445.575076][ T5145] The buggy address belongs to the physical page: [ 445.581476][ T5145] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x66f58 [ 445.590220][ T5145] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 445.598703][ T5145] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 445.606238][ T5145] page_type: 0xffffefff(slab) [ 445.610902][ T5145] raw: 00fff00000000040 ffff888015042140 ffffea0000bf8000 dead000000000002 [ 445.619472][ T5145] raw: 0000000000000000 0000000000040004 00000001ffffefff 0000000000000000 [ 445.628041][ T5145] head: 00fff00000000040 ffff888015042140 ffffea0000bf8000 dead000000000002 [ 445.636698][ T5145] head: 0000000000000000 0000000000040004 00000001ffffefff 0000000000000000 [ 445.645355][ T5145] head: 00fff00000000003 ffffea00019bd601 ffffffffffffffff 0000000000000000 [ 445.654011][ T5145] head: 0000000000000008 0000000000000000 00000000ffffffff 0000000000000000 [ 445.662659][ T5145] page dumped because: kasan: bad access detected [ 445.669071][ T5145] page_owner tracks the page as allocated [ 445.674766][ T5145] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x1d2040(__GFP_IO|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC|__GFP_HARDWALL), pid 5177, tgid 5174 (syz.0.1), ts 69708451232, free_ts 15196910197 [ 445.696282][ T5145] post_alloc_hook+0x1f3/0x230 [ 445.701036][ T5145] get_page_from_freelist+0x2e4c/0x2f10 [ 445.706571][ T5145] __alloc_pages_noprof+0x256/0x6c0 [ 445.711758][ T5145] alloc_slab_page+0x5f/0x120 [ 445.716517][ T5145] allocate_slab+0x5a/0x2f0 [ 445.721012][ T5145] ___slab_alloc+0xcd1/0x14b0 [ 445.725681][ T5145] __slab_alloc+0x58/0xa0 [ 445.729997][ T5145] __kmalloc_noprof+0x257/0x400 [ 445.734842][ T5145] tomoyo_realpath_from_path+0xcf/0x5e0 [ 445.740377][ T5145] tomoyo_path_number_perm+0x23a/0x880 [ 445.745827][ T5145] security_file_ioctl+0x75/0xb0 [ 445.750752][ T5145] __se_sys_ioctl+0x47/0x170 [ 445.755335][ T5145] do_syscall_64+0xf3/0x230 [ 445.759833][ T5145] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 445.765715][ T5145] page last free pid 1 tgid 1 stack trace: [ 445.771504][ T5145] free_unref_page+0xd19/0xea0 [ 445.776256][ T5145] free_contig_range+0x9e/0x160 [ 445.781097][ T5145] destroy_args+0x8a/0x890 [ 445.785502][ T5145] debug_vm_pgtable+0x4be/0x550 [ 445.790338][ T5145] do_one_initcall+0x248/0x880 [ 445.795091][ T5145] do_initcall_level+0x157/0x210 [ 445.800014][ T5145] do_initcalls+0x3f/0x80 [ 445.804354][ T5145] kernel_init_freeable+0x435/0x5d0 [ 445.809535][ T5145] kernel_init+0x1d/0x2b0 [ 445.813848][ T5145] ret_from_fork+0x4b/0x80 [ 445.818259][ T5145] ret_from_fork_asm+0x1a/0x30 [ 445.823020][ T5145] [ 445.825331][ T5145] Memory state around the buggy address: [ 445.830942][ T5145] ffff888066f5c800: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 445.838983][ T5145] ffff888066f5c880: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 445.847029][ T5145] >ffff888066f5c900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 445.855071][ T5145] ^ [ 445.863027][ T5145] ffff888066f5c980: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 445.871071][ T5145] ffff888066f5ca00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 445.879144][ T5145] ================================================================== [ 445.887190][ T5145] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 445.894363][ T5145] CPU: 1 PID: 5145 Comm: kworker/1:6 Not tainted 6.10.0-rc6-syzkaller-00223-gc6653f49e4fd #0 [ 445.904503][ T5145] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 445.914547][ T5145] Workqueue: usb_hub_wq hub_event [ 445.919575][ T5145] Call Trace: [ 445.922842][ T5145] [ 445.925864][ T5145] dump_stack_lvl+0x241/0x360 [ 445.930551][ T5145] ? __pfx_dump_stack_lvl+0x10/0x10 [ 445.935774][ T5145] ? __pfx__printk+0x10/0x10 [ 445.940364][ T5145] ? rcu_is_watching+0x15/0xb0 [ 445.945180][ T5145] ? vscnprintf+0x5d/0x90 [ 445.949521][ T5145] panic+0x349/0x860 [ 445.953424][ T5145] ? __pfx_lock_release+0x10/0x10 [ 445.958440][ T5145] ? check_panic_on_warn+0x21/0xb0 [ 445.963545][ T5145] ? __pfx_panic+0x10/0x10 [ 445.967955][ T5145] ? do_raw_spin_unlock+0x13c/0x8b0 [ 445.973150][ T5145] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 445.979041][ T5145] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 445.985364][ T5145] check_panic_on_warn+0x86/0xb0 [ 445.990296][ T5145] ? raw_queue_event+0x299/0x2e0 [ 445.995230][ T5145] end_report+0x77/0x160 [ 445.999458][ T5145] kasan_report+0x154/0x180 [ 446.003950][ T5145] ? raw_queue_event+0x299/0x2e0 [ 446.008976][ T5145] raw_queue_event+0x299/0x2e0 [ 446.013732][ T5145] gadget_disconnect+0x50/0xb0 [ 446.018488][ T5145] set_link_state+0xc81/0x1200 [ 446.023242][ T5145] dummy_hub_control+0xb86/0x1b10 [ 446.028254][ T5145] ? __kmalloc_noprof+0x217/0x400 [ 446.033444][ T5145] usb_hcd_submit_urb+0xffc/0x1e80 [ 446.038567][ T5145] ? lockdep_init_map_type+0xa1/0x910 [ 446.043930][ T5145] ? __pfx_usb_hcd_submit_urb+0x10/0x10 [ 446.049470][ T5145] ? __pfx_lockdep_init_map_type+0x10/0x10 [ 446.055267][ T5145] ? usb_submit_urb+0xe85/0x18c0 [ 446.060201][ T5145] usb_start_wait_urb+0x113/0x520 [ 446.065216][ T5145] ? __pfx_usb_start_wait_urb+0x10/0x10 [ 446.070750][ T5145] ? __kmalloc_noprof+0x217/0x400 [ 446.075766][ T5145] usb_control_msg+0x2b1/0x4c0 [ 446.080614][ T5145] ? __pfx_usb_control_msg+0x10/0x10 [ 446.085885][ T5145] ? kfree+0x149/0x360 [ 446.089944][ T5145] hub_event+0x30f2/0x5150 [ 446.094366][ T5145] ? __pfx_hub_event+0x10/0x10 [ 446.099123][ T5145] ? __pfx_lock_acquire+0x10/0x10 [ 446.104131][ T5145] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 446.110095][ T5145] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 446.116412][ T5145] ? process_scheduled_works+0x945/0x1830 [ 446.122117][ T5145] process_scheduled_works+0xa2c/0x1830 [ 446.127657][ T5145] ? __pfx_process_scheduled_works+0x10/0x10 [ 446.133626][ T5145] ? assign_work+0x364/0x3d0 [ 446.138204][ T5145] worker_thread+0x86d/0xd50 [ 446.142782][ T5145] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 446.148692][ T5145] ? __kthread_parkme+0x169/0x1d0 [ 446.153795][ T5145] ? __pfx_worker_thread+0x10/0x10 [ 446.158999][ T5145] kthread+0x2f0/0x390 [ 446.163094][ T5145] ? __pfx_worker_thread+0x10/0x10 [ 446.168212][ T5145] ? __pfx_kthread+0x10/0x10 [ 446.172801][ T5145] ret_from_fork+0x4b/0x80 [ 446.177213][ T5145] ? __pfx_kthread+0x10/0x10 [ 446.181796][ T5145] ret_from_fork_asm+0x1a/0x30 [ 446.186559][ T5145] [ 446.189926][ T5145] Kernel Offset: disabled [ 446.194238][ T5145] Rebooting in 86400 seconds..